1. You need 2FA on Office 365 (and anywhere else that supports it) to help prevent your account from being compromised.
2. At time of writing the easiest way to login to Outlook is through using an App password; a single, system generated and complex which stops you from needing the second factor when you use Outlook.
First the Why
Over the years, there have been countless published breaches of high profile websites where literally billions of emails and passwords have been compromised. In addition to these known numbers, there will have been many more unpublished or unknown breaches.
In addition to these breaches, there is an entire industry of criminal gangs, phishing for your email password so that they can use this to assume your identity and commit fraud.
In short, keeping your password safe and secure is a lot more problematic than you might otherwise think. If you’d like to find out where YOUR email address has been compromised then you can look this up against a database of known breaches at https://haveibeenpwned.com
Having a second factor – typically a text message sent to your phone or, better still, a random six digit number created by an Authenticator application on your mobile means that even if your password is compromised and someone finds out what it is they can’t login without the random six digit number.
Now the How
The short answer is follow the instructions Microsoft have put together here.
But in our experience, not everyone is able to follow these successfully. So below we’ve provided the missing instructions to make this easier.
1. Check whether your Office 365 admin has turned on multi-factor authentication for your account. If they haven’t, when you try to do these steps you won’t see the options in Office 365.
Your administrator should have told you that they are turning on 2FA for you and given instructions on what to do next. Only you can complete the steps for setting this up for yourself, so without the instructions you shouldn’t proceed.
2. Sign in to Office 365 with your work or school account with your password like you normally do. After you choose Sign in, you’ll see this page:
For best results, open a private browser window and go to https://portal.office.com and sign in with your username and password.
3. Choose Set it up now
Nice easy step. Just click the button.
4. Select your authentication method and then follow the prompts on the page… or watch the video to learn more.
At this point it is easiest to have a text message sent to your mobile phone. If this is your work email and you only have a private phone, don’t worry. The phone is only going to have 6 digit security text messages sent to it to confirm your identity from time to time.
5. After you verify your alternate contact method, choose Next.
Another easy step. Just click the button.
6. You’ll get an app password that you can use with Outlook, Apple Mail, etc. Choose the copy icon to copy the password to your clipboard. You won’t need to memorize this password.
The important bit is COPY this password so you can paste it in a minute or so.
7. Once you complete the instructions to specify how you want to receive your verification code, the next time you sign in to Office 365, you’ll be prompted to enter the code that is sent to you by text message, phone call, etc.
This is true. Now you need to setup your Outlook to use the app password you have Copied in step 6.
8. Open Outlook, such as Outlook 2010, 2013 or 2016.
i.e. open the Outlook on your computer (PC or Mac) that you want to use the app password with.
9. Wherever you’re prompted for your password, paste the app password in the box. For example, if you’ve already added your account to Outlook, when prompted paste the app password here.
Just paste it in. You did copy it, right?