The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

Enable Multifactor Authentication in Microsoft 365

Download Windows Speedup Tool to fix errors and make PC run faster

This post will show you how to enable multifactor authentication in Microsoft 365. Multifactor Authentication (MFA) provides an extra level of security for sign-ins. In Microsoft 365, MFA includes a strong password and a text message, call, or via the Microsoft Authenticator smartphone app. Keep reading this post to learn how to enable Multifactor Authentication in Microsoft 365.

Enable Multifactor Authentication in Microsoft 365

How to Enable Multifactor Authentication in Microsoft 365?

You can enable multifactor authentication in Microsoft 365 by following these methods:

  1. Using Security Defaults
  2. Using Conditional Access Policies
  3. Enable MFA for Individual User Account

Now, let’s see these in detail.

1] Using Security Defaults

Security defaults is a new feature for paid or trial versions of Microsoft 365. This ensures that all organizations have a basic level of security for user sign-ins. Here’s how you can enable security defaults using security defaults:

Sign in to the Microsoft Entra admin center with an administrator account.

Navigate to Identity > Overview > Properties and select Manage security defaults.

Security defaults

Here, set Security defaults to Enabled and click on Save.

2] Using Conditional Access Policies

Conditional Access policies

Conditional Access policies are rules that specify conditions that evaluate and allow sign-ins. This allows users to enable MFA on group membership instead of configuring individual user accounts. Here’s how you can enable multifactor authentication using Conditional Access Policies:

  1. Sign in to the Microsoft 365 Admin Center or the Azure AD portal with an administrator account.
  2. Here, set the Security defaults to Disabled.
  3. Next, the Azure AD admin portal will open; click on Conditional access and then select New policy.
  4. The conditional access policy window will now open, set up the policy settings, assign it to desired users and groups, and click on Save.

3] Enable MFA for Individual User Accounts

Enable MFA for Individual User Account

If none of the above methods helped you, try enabling multifactor authentication individually for each user account. Here’s how:

  1. Sign in to the Microsoft 365 Admin Center with an administrator account.
  2. Navigate to the Users section, select Active users, and click on Multi-factor authentication.
  3. A window will now open with a list of all the active users; here, click on Security & Privacy and select Additional security verification.
  4. Next, select the user you want to enable multifactor authentication for.
  5. Lastly, click on Enable in the pane to confirm the changes made.

Read: Multi-Factor Authentication: Benefits of using MFA

How to enable Multifactor Authentication Office 365 using PowerShell?

To enable Multifactor authentication Office 365, open PowerShell as an admin and run this command:

Get-MsolUser –All | Foreach{ Set-MsolUser -UserPrincipalName
$_.UserPrincipalName -StrongAuthenticationRequirements $auth}

Is MFA mandatory in Microsoft 365?

Microsoft strongly recommends MFA for all users, including hybrid workers and server admins. This helps prevent unauthorized access even when a user’s password is compromised.

ShubhamKumar@TWC

Shubham is a graduate in Information Technology who likes to write about Windows Troubleshooting as well as Gaming Tips. He's always engaged with new tech and gadgets. When not writing, he enjoys reading books, watching movies, and exploring new technologies.