Multi-Factor Authentication (MFA) helps safeguard access to data. Simply put - once enabled you'll need your password and a second verification meaning even if someone knows your password they won't be able to access your account.
This link will walk you through enabling MFA on your account: https://aka.ms/MFASetup
I recommend enabling both the Microsoft Authenticator app option and phone/text
Methods available for MFA/two-step verification
- Phone call - A call is placed to a user’s registered phone. The user enters a PIN if necessary then presses the # key.
- Text message - A text message is sent to a user’s mobile phone with a six-digit code. The user enters this code on the sign-in page.
- Mobile app notification - A verification request is sent to a user’s smartphone. The user enters a PIN if necessary then selects Verify on the mobile app.
- Mobile app verification code - The mobile app, which is running on a user’s smartphone, displays a verification code that changes every 30 seconds. The user finds the most recent code and enters it on the sign-in page.
- Third-party OATH tokens - Azure Multi-Factor Authentication Server can be configured to accept third-party verification methods.
References:
demo, walking through the options: https://www.youtube.com/watch?v=psP9w5xlXw0
https://www.youtube.com/watch?v=qNndxl7gqVM
Troubleshooting:
https://account.activedirectory.windowsazure.com/proofup.aspx?proofup=1