Microsoft 365 - Multi-Factor Authentication (MS 365 MFA)

 

Header

 

MS 365 MFA Documentation

MS 365 MFA Documentation

Follow MS 365 MFA Procedure steps.

Follow MS 365 MFA Procedure steps.

Read more

 

MS 365 MFA Video

MS 365 MFA Video

Set up Microsoft Authenticator using this video

Set up Microsoft Authenticator using this video.

Read more

 

Lost phone or new cell phone number

Lost phone or new cell phone number

Have you lost your phone or changed your cell phone number?

Have you lost your phone or changed your cell phone number?

Email us

 

 

Microsoft has already started gradually enforcing MS 365 MFA in the worldwide Microsoft environment from 15 October 2024. All students will be required to do MS 365 MFA by January 2025. Staff can still opt-in to Multi-Factor Authentication (MFA) until early 2025 after which Microsoft will enforce this security measure for all NWU staff accounts.

This change is part of the Secure Future Initiative, which aims to strengthen security and prevent data breaches.

MFA is a security method commonly required among cloud service providers and requires users to provide two or more pieces of evidence to verify your NWU MS 365 account. It adds an extra layer of protection to the standard username and password authentication.

Currently the NWU user community only use a password to authenticate to access the MS 365 environment and it leaves an insecure vector for attack. If the password is weak or has been exposed elsewhere, an attacker could be using it to gain access. When you require a second form of authentication, security is increased because this additional factor isn't something that's easy for an attacker to obtain or duplicate.

Frequently asked Questions and Answers

 

The main purpose of using MS MFA is to reduce the risk of compromising your NWU Microsoft account and strengthen the security of data saved online.

Microsoft has already started gradually enforcing MS 365 MFA in the worldwide Microsoft environment from 15 October 2024. All students will be required to do MS 365 MFA by January 2025. Staff can still opt-in to Multi-Factor Authentication (MFA) until early 2025 after which Microsoft will enforce this security measure for all NWU staff accounts.

 

These are the additonal verification methods to setup:

  • Microsoft Authenticator app.
  • SMS (Phone).

Methods that can be used to setup Microsoft 365 MFA.

Method 1

MS Authenticator App

Method 2

Send a code via SMS

 

Follow these steps.

  • Sign into the Microsoft 365 portal (office.com).

  • Select your avatar in the top right, then select View account.

  • Select Security info from the left navigation pane to see the account’s security information

 

  1. MFA provides added security for your accounts MFA requires additional validation of login credentials, so even if cybercriminals manage to access a user’s password, they’ll still need to confirm their identity in various ways. The more authorisation methods, the more secure accounts will be.
  2. Mitigates the Risk of Unmanaged Devices When working from home or remotely, employees sometimes use their own personal devices and less secure internet connections to reach their organisations’ networks. A compromised router can allow a hacker to install password-stealing malware on a user’s machine, and personal devices often don’t have the powerful protection installed on them that machines owned by their company do. That means these attacks often go undetected, until the hacker reaches the organisation’s network and much damage is done. With MFA, organisations no longer
    have to worry about the security of remote employees’ personal devices and WiFi connections.
  3.  Enables Your Other Security Measures to Work Effectively If an attacker uses stolen credentials to gain access, they can disable firewalls and anti-virus software, causing much harm. MFA prevents cybercriminals from gaining access to a network via a stolen password and, in doing so, allows other security tools to function as they should. MFA can also act as a warning system that alerts you of unauthorised attempts to gain access: employees just need to report instances where they’re asked for secondary authentication they didn’t ask for.
  4.  Increases Employee Productivity and Flexibility To promote online security, one is often encouraged to set stronger passwords and regularly update them. However, this leads to the likelihood of forgetting passwords and having to reset them, which takes time and can be annoying. MFA lets users sign in, in whichever way suits them, be it via a fingerprint scan or a single-use code generated by an authenticator app. It also enables secure remote access to the company network, which means employees can work securely from home or while travelling.
  5. Assists with Compliance Laws, such as the Protection of Personal Information Act (POPI Act), require organisations to have strong authentication processes in place, particularly if they handle and store sensitive data like personal addresses. By securing your online documents, MFA ensures you’re compliant with the laws of the country. With all these benefits, setting up MFA is definitely worth it.
    It’s also so easy to use!