Multi-Factor Authentication Now Available on Office 365


Office 365 now includes Multi-Factor Authentication for its Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans. No additional purchase will be required to enable this security features in the existing Office 365 plans.

Multi-factor authentication increases the security of user logins for cloud services beyond the password. The second authentication method included in Office 365 allows users to sign in via a phone call, text message, or an app notification on their smartphone after correctly entering their password.

This feature has been available for Office 365 administrative roles since June 2013, the addition of multi-factor authentication to other user accounts is part of Microsoft’s ongoing effort to enhance security for Office 365.

App Passwords in Multi-Factor Authentication for Office 365

Users who are enrolled for multi-factor authentication are required to configure App Passwords in order to use Office desktop applications, including Outlook, Lync, Word, Excel, PowerPoint, and SkyDrive Pro.

Once an information worker has logged in with multi-factor authentication, they will be able to create one or more App Passwords for use in Office client applications. An App Password is a 16-character randomly generated password that can be used with an Office client application as a way of increasing security in lieu of the second authentication factor.

App Passwords are not available for use with PowerShell access to Office 365, and they can be turned off entirely for the Office 365 tenant for customers who have special security policies.

The ability to use multi-factor authentication directly from Office 2013 client applications may soon be coming to Office 365 customers. This will include native multi-factor authentication for applications such as Outlook, Lync, Word, Excel, PowerPoint, PowerShell, and OneDrive for Business, with a release date planned for later in 2014. This update includes the current phone-based multi-factor authentication, and it adds capability to integrate other forms of authentication such as: third-party multi-factor authentication solutions and smart cards. Smart card support is planned to include the U.S. Department of Defense (DoD) Common Access Card (CAC) and the U.S. Federal Personal Identity Verification card (PIV), among others. We’ll give you more information about these and more updates closer to release.