Home  ›  How Do I Share My Office 365 With Family

How Do I Share My Office 365 With Family

Written By sábado, 5 de março de 2022 Add Comment Edit

In the last couple of weeks, I have been working on deploying Function 365 Multi-Factor Authentication. The master challenge was not the setup of MFA in Role 365, but with deploying this in our organisation was to inform our users, and so we don't get besides many helpdesk tickets once MFA is enabled, and to come up with a good rollout plan.

Setup multi factor authentication office 365

In this article, I will walk you through the setup process of Function 365 multi-factor authentication and give you lot some tips on how to ringlet it out in your organization.

Note

Make sure that you lot have enabled modern authentication. Especially in older tenants this needs to exist enabled manually.

Role 365 MFA License

Before we start with the setup of MFA in Office 365, we will accept a quick look at the license. Multi-gene authentication is function of the Microsoft 365 concern (and Office 365) plans. With Office 365 MFA you can only protect Office 365 applications.

This means that all Office 365 Online applications are protected and also the OneDrive customer and Outlook application. What isn't protected with MFA is, for instance, logging in on your estimator.

Multi-Factor Authentication for Part 365 doesn't offer all the security features that are bachelor in the Azure MFA version. But more than than enough for a good additional security layer on your user sign-ins.

The post-obit features are available:

  • Mobile app (Microsoft Authenticator app)
  • Phone telephone call
  • SMS
  • App password for clients that don't support MFA (Gmail app on Android for example)
  • Remember MFA for trusted devices

1 of the features that I really miss compared to the Azure MFA version is the I-Fourth dimension bypass and the Trusted IPs.

Setup mfa part 365

You need to be tenant Admin to gear up MFA for your Office 365 tenant.

  1. Open up the Admin Center and become to Users > Active Users
  2. Open Multi-factor authentication

    Don't select any user notwithstanding, only open the Multi-factor authentication screen. You will find the button in the toolbar. Office 365 Enable MFA

  3. Open up the Service settings

    Before we start enabling MFA for the users, we outset go through the service settings. The button to the settings screen doesn't stand up out, but it's only below the title
    Office 365 Multi factor autentication service settings

  4. Setup MFA Office 365

    A few settings are important here:

    Brand certain you cheque "Practise not let user to create App password". This is only needed for apps that don't back up multi-factor authentication. You should prevent the apply of these kinds of apps in your tenant.

    Cell to phone and text message to phone is as well less secure. Only enable them when you really need them.

    Make sure that trusted devices is set to 90 days atleast.

    set up multi factory authentication
  5. Enable MFA for Office 365 users

    After y'all have set the settings to your liking click on save and then on users (simply below the title Multi-factor authentication).

    You see the list of your users again. Hither y'all can select single or multiple users to enable MFA.

    At the moment y'all enable Office 365 MFA for a user it can get the setup screen every bit presently as the users browse to one of the Office 365 products.

    Enable MFA for users in Office 365

Using the bulk update characteristic

You can also enable multi-gene authentication with the bulk update feature. This works with a simple excel file containing the usernames and the required condition (enable, disable). Merely click on the bulk update push and download the sample file

Using PowerShell to enable MFA

Another option is to use PowerShell to enable MFA. The advantage of using PowerShell is that you can automate it, then you lot never forget the enable information technology for a user.

I have created a pocket-size script to enable MFA with PowerShell that you can notice here. I likewise created a script to get the MFA condition of your users that you can find in this article.

Enable Location and Number Matching

By default, the MFA asking on your telephone only asks if you desire to improve or deny the request. Yous can't see where the request is coming from, which is a security risk.

To mitigate the adventure, you tin enable number matching and/or add boosted context (location and app) to the MFA request.

Read more virtually those features in this article.

Planning the roll-out

When you enable MFA for a user it will, at the adjacent login, get a screen that boosted security measure is required. And so make sure you have informed your user upfront with a clear user guide on the steps they have to take.

Some of the fall pits I come up across are:

  • Some users didn't notice they had to select the mobile app in pace i. So they got an SMS text which isn't really user-friendly
  • Make sure your users select "Receive notification for verification"
  • Users with an Apple tree demand to allow push notification for the Microsoft Authenticator app. Not all Apple users know where to find that (resulting in helpdesk calls)
  • If users start the MFA process them cocky, through https://aka.ms/mfasetup, they can't create an app password immediately

Create I pilot group with different types of users. I start with 15 users spread across the company to test MFA for 6 weeks. This allowed me to meliorate the manual and detect whatsoever issues that might come.

If you lot take a large organization make sure y'all roll it out in batches. No matter how expert the manual is, information technology will result in a raise in helpdesk tickets.

Changing user preferences

Users tin can easily change their preferences or manage the continued mobile phone(s) through their Part 365 account page. Also, the creating of an additional app countersign tin can be done here by the user self.

  1. Login at myaccount.microsoft.com
  2. Become to Security Info in the carte on the left side

At the top, you can change the Default sign-in method. The near user-friendly option hither is to use the Microsoft Authenticator – Notification.

multi-factor authentication in office 365

In the list you can add dissimilar authentication methods, which is e'er a good thought to take in case the app isn't working or if y'all have switched phone and the app is not been installed yet.

The user tin create an app countersign. I password tin can be used for multiple applications, but information technology is improve to create unique app passwords for every application that can't handle MFA.

Conclusion

There is no reason not to employ multi-factor authentication in Role 365. The setup is done in a couple of minutes and the user affect is minimal. Information technology adds an additional layer of security to a part of your Information technology environment which is ever a good affair.

Brand sure you take a expect at the Best Practice to Secure Office 365 Guide with more than eighteen security tips.

The video below from Microsoft is really great to inform your users, so even the most inexperienced user is able to enable MFA.

Yous may also like this article almost using OneDrive to safely shop the user's desktop, documents, and image folder.

kleimanevehist.blogspot.com

Source: https://lazyadmin.nl/office-365/how-to-setup-mfa-in-office-365/

0 Response to "How Do I Share My Office 365 With Family"

Postar um comentário

Assinar: Postar comentários (Atom)

Iklan Atas Artikel

Iklan Tengah Artikel 1

Iklan Tengah Artikel 2

Iklan Bawah Artikel