Technology Solutions     Multi-Factor Authentication (MFA) Setup

Multi-factor authentication is also known as MFA, two-factor authentication (also 2FA) and dual authentication.  Instead of authenticating yourself with just a password, at least a second form of verification is added, typically a short code texted to your phone or shown on a special app.

Wait, I have to do an extra step every time I log in or open my email???

 No, you should only need to enter a code if you're using a new computer to access your email, and even then you can tell it to remember you for 60 days.  If you're using Outlook on your computer, you shouldn't have to ever enter a code.  If you also regularly access your email on your phone, you may have to type in the code from a text message sent to your phone around every 60 days or longer.

How to set up your MFA

We have just enabled this 2FA technology on your email account.  Below are the next steps you'll need to complete to finish setting it up.  Follow along with the video to the right.


  1. From your desktop or laptop computer open a web browser to https://aka.ms/MFASetup



  2. If you're prompted to log in, log in with your email address and password (often the same password you use to access your computer). If  it doesn't prompt you to log in, you are likely already logged in. In that case, log out and back in, or try to log in using an incognito session. 

  3. You should then see a windows that says, "More information required."  Click Next.

  4. On the next page, choose Mobile app from the dropdown. 



  5. Select Receive notifications for verification.

  6. Click Set Up.

  7. On your cell phone, go to your app store and search for and install the Microsoft Authenticator app.  The app will look like this:

    Microsoft Authenticator

  8. Open the newly installed Microsoft Authenticator app on your phone.  After you have installed the app, it may be called only “Authenticator” and not "Microsoft Authenticator".

    Important note:     If the app prompts you to allow permissions for it to send you notifications, allow it.

  9. In the app, touch Add Account and then touch Work or school account. This will open the camera on your phone to scan the code on your computer screen.  You may have to give the app permission to use the camera on your phone.  Using your phone’s camera, scan the QR code that you see back on the website.  You do this by holding your phone up to the screen and position the QR code (the blank and white square with a bunch of smaller squares) inside the square on your phone’s display.

  10.  Back on your computer, click Next.  The website will now show a message that it's checking the activation status.

  11. If a message then appears that "mobile app has been configured for notifications", click Next again.



  12. You should now receive an “Approve sign-in” notification prompt on your phone.  Go ahead and approve the sign-in.

    Important note: That popup you just saw is how you will approve or deny suspicious sign-ins to your email account. If you receive the “approve sign-in” prompt and you are NOT actively trying to sign into your email, do not approve it.  A hacker could have guessed or stolen your password and might be trying to log into your email to spam people, and you do not want to allow them access. 

  13. You may also see a page asking you to enter your phone number.  Go ahead and do that if it asks you, entering your country code first.

  14. On the final page, you’ll be shown an “app password”.  Copy and save that password.  If you use an older version of Outlook on your computer, ifOutlook prompts you for credentials and your regular credentials do not work, you can use that “app password” instead.  If you would like to genereate additional "app passwords" in the future you can go to the following link to do so: https://account.activedirectory.windowsazure.com/AppPasswords.aspx

  15. If you get email on your phone or tablet, just enter your regular password, and then you should be prompted to "approve sign-in" via the notification on your phone.  If you are not prompted, try creating a NEW app password for your phone using the link in step 13.

  16. On the final page, you’ll be shown an “app password”.  You do not need to save or worry about that password unless you use an older version of Office or older email app on your phone.

Congratulations!  You are now set up with Multi Factor Authentication!

The general rule of thumb of figuring out if you need to use an app password is if you are not prompted for MFA on your phone when  you enter your password in Outlook on your computer or in your mail program on your phone, or if your regular password doesn't seem to work.  In those cases, you will need to generate and use a separate app password for each of the programs (you can't use the same app password for all of the programs).  If that happens, you can generate new app passwords at https://account.activedirectory.windowsazure.com/AppPasswords.aspx

 If you use any of the following programs, you will need a separate app password for each of them:
  • Outlook on your Windows laptop/desktop that's version Outlook 2010 or older.








  • Office for Mac 2011 on your Apple desktop or laptop computer








  • If you use the default email app on your Android Phone (however, if you use the Outlook app on your Android phone you do NOT need to use an app password).








  • If you have iOS 10 or below on your iPhone (not iPhone 10 but iOS 10 which is the operating system version)







You can use your regular password (and approve the sign-in using your Authenticator app) if you're using any of the following:
  • Outlook 2013, Outlook 2016, or Outlook 365 on your laptop/desktop PC








  • iOS 11 and up








  • The Outlook app (not native email/mail app) on iPhone or Android








  • Outlook 2016 on your Apple/Macintosh desktop or laptop computer









Please follow the steps for your particular device at this link.