How to enable 2-factor or multi-factor authentication (2FA or MFA)

Back to Blog
27Apr2017

How to enable 2-factor or multi-factor authentication (2FA or MFA)

Enabling a second factor for authentication is an important (and often very easy) thing to do.  Usually this can be accomplished in just a few clicks for most websites and cloud services. It is highly recommended that you take the time to do this, especially for any accounts that are tied to online banking, financial institutions, and in general, any place that might have your personally identifiable information, SSN, other account numbers, etc. Especially consider it for your personal email accounts, to which many of these online identities are often tied, such as Gmail, Yahoo or Outlook.

Why it’s so damn important these days

What you’re really protecting yourself from here is compromised/leaked account credentials. If a provider gets hacked and their credential databases are leaked, you’re at risk. These kinds of hacks happen a lot more often than you think–check out haveibeenpwned.com for some good examples/evidence of this, and also to look up your own online identities.

Although it isn’t a perfect/guaranteed method for preventing all types of fallout/damage from attacks like this, it can go a really long way, as it means that a hacker now needs to break through an additional security barrier to get access to your accounts & information. This gives you some additional assurance, and extra time to react to the problem, change your passwords, etc.

Below, I am also including some of the big cloud providers, with instructions taken from their own how-to pages on 2FA. I have personal email accounts tied to all of these platforms.

Microsoft (Personal) e.g. Outlook.com, Live.com, etc.: 

  1. Go to the Security settings page, and sign in with your Microsoft account.
  2. Under Two-step verification, choose Set up two-step verification to turn it on, or choose Turn off two-step verification to turn it off.
  3. Follow the instructions.

Google (e.g. Gmail, Play store): 

  1. Go to the 2-Step Verification page. You might have to sign in to your Google Account.
  2. Select Get started.
  3. Follow the step-by-step setup process.

 Yahoo (e.g. Yahoo mail, Flickr, Tumblr):

  1. Sign in to your Yahoo Account info page.
  2. Click Account Security.
  3. Next to Two-step verification, click the On/Off icon click the on-Off icon in the two-step verification process. .
  4. Enter your mobile number.
  5. Click Send SMS to receive a text message with a code or Call me to receive a phone call.
  6. Enter the verification code | click Verify.
  7. The next window refers to the use of apps like iOS Mail or Outlook. Click Create app password to reconnect your apps.

Here is a great collection of many more  how-to resources for enabling 2FA on cloud providers, online banks/financial institutions, social media platforms, and more! Knock yourself out, most of these don’t take long to do, and it is a very small thing that can go a long ways toward protecting you.

If you are an admin for Office 365 or Microsoft Work / School accounts…

I have an article on setting it up for your users here.

 

 

Technical , , , 2 Comments
Share:

Comments (2)

  • Mirian Shade Reply

    Very nice blog post. Among the continuous growing security breaches, it has become essential to have an additional layer of security also other than just passwords to protect personal data of customers, therefore introduction of MFA/2FA was mandatory. ANd today this 2FA has taken multiple forms like SMS verification, Authenticator apps , Physical authentication and bio metric authentication.

    July 31, 2017 at 5:51 am
  • Chet Reply

    Thanks to the wonderful manual

    July 13, 2019 at 1:59 am

Leave a Reply

Back to Blog

Related Posts

17Dec

The many ways to prevent data leakage in Microsoft 365

Office 365 Data Loss Prevention (DLP), Windows Information Protection (aka Endpoint DLP), Conditional Access App Enforced Restrictions, Conditional Access App Control with Microsoft Cloud App security, Sensitivity labels, Retention labels--are you thoroughly confused yet? All of the above can help you to prevent the leakage... read more
31Jul

Replacing folder redirection and mapped network drives: Controlling the OneDrive client experience on Windows 10 with Intune

For as long as we can remember, the primary way to share files in an organization was mapped network drives. This may have included a "Public" or "Company" drive (e.g. P:\ for Public), as well as a "Home" or "User" drive (H:\ or U:\ respectively).... read more
02Mar

It’s all about your downtime tolerance

Before you go picking the cheapest possible IT solution that meets your business requirements, or on the other side of the equation, adding unnecessary complexity to your network, you first need to consider: What is your downtime tolerance? If you don't answer this critical question,... read more
14Dec

How to link an existing on-premises AD Account with an Office 365 Exchange Online mailbox

I see this issue a lot out in the field. Admins sometimes create a confusing mess out of their Hybrid Exchange environments, because they don't create users in the "right way." In a hybrid environment, users should (ideally) be created from the on-premises Exchange server, not... read more
28Nov

Three ways to protect your customer’s on-premises data with Azure: Part 2 – Azure Backup Server

In the previous post, we looked at Azure Backup using the MARS agent, which can only do file, folder & system state data, and must be configured on the local machine. As you may already be aware, there are no local backup copies in that... read more
01Feb

How (and why) to leverage Microsoft 365 Business to manage third-party applications

One capability of Azure Active Directory which is included in your Microsoft 365 Business subscription (but which hardly anyone is taking advantage of in the SMB space) is the ability to bring third-party SaaS applications under management, and assign them to end-users--publishing them centrally via... read more
03Oct

Windows Information Protection done right, part 2: typical set up steps

Last time we talked about a couple of key concepts including enlightened and non-enlightened apps, and how Windows Information Protection (WIP) treats corporate data differently than personal. In short, a non-enlightened app and all of its data will be treated by WIP as personal (by... read more
25Apr

Two philosophies for deploying Microsoft Teams in an organization

IT admins throughout the world subscribe to one of two worldviews today: Control mindset: IT's job is to control and restrict, and of course, to protect the clueless users from all of those scary threats out there in the world today (including themselves)Empower mindset: IT's... read more
29Nov

Leveraging Conditional Access to enforce either MDM or MAM–user’s choice

In some circumstances, you might want users to have their choice: Use the native mail apps and have their mobile devices managed via Intune MDM, OR, Use a managed application such as Outlook on their own personal devices, and opt out of full device management. The... read more
30Mar

Why you need UAC (and how to enable it)

I don't know why it has come to this, but here it is. Here we are. We need to review why it is that you need User Account Control (UAC), and how to go about turning it on. I know! Like, why is this even... read more

Helping IT Consultants Succeed in the Microsoft Cloud

Have a Question? Contact me today.

Contact Me