Office 365 now supports multi-factor authentication “out of the box”. You can enable users to require additional authentication mechanisms, including a phone call, a text message and an option to support a mobile app. The mobile app is available for Windows, iOS and Android devices, and works similarly to an RSA token in that a 6-digit number is generated every 10-15 seconds.
Once enabled, you can either input additional security information as an administrator or have the user set up their own contact methods. If this is not done by the administrator, the user will be required to do upon their next login. Multiple authentication mechanisms are required, in the event that the primary choice is inaccessible/lost.
A couple of additional items to note:
- The multi-factor authentication deployment guide link, available within the portal at this time, did not lead to an actual document at the time this blog was written (http://g.microsoftonline.com/0AX00en/178).
- Multi-factor authentication can be enabled for admin accounts for free. You can also enable it for standard user accounts for a fee (Contact your Microsoft partner or Microsoft licensing rep to learn more about pricing).
- Additional information on Multi-Factor Authentication can be found here: http://technet.microsoft.com/library/en-us/dn249479
- A more detailed blog, with screen prints, can be found at http://www.greenconsultingonline.com/2013/10/multi-factor-authentication-for-office-365/