Advertisement
Full disclosure MS docs confuse me more than help me and a lot of blogs around MFA seem watered down or too vague. I’m sure many spiceheads have already taken this security step, so I’m kind of look for the short and sweet on the process.<\/p>\n
We’re licensed O365 Business Standard and I want to enable MFA. What do I need to know or what should I look out for? We rely on Word, Excel, Outlook, and Teams primarily. We don’t use web apps much, so when I flip the switch what happens? I have 1 user that uses an older version of Office suite - if that matters.<\/p>\n
We don’t sync AD with O365 at this time, so things are separate between the services.<\/p>","upvoteCount":4,"answerCount":8,"datePublished":"2020-11-13T18:53:56.000Z","author":{"@type":"Person","name":"networks-jj","url":"https://community.spiceworks.com/u/networks-jj"},"acceptedAnswer":{"@type":"Answer","text":"
This is pretty straight-forward.<\/p>\n
You flip the switch, and either the next time a person logs in or if you have reset all sessions, a pop up comes on their mobile devices or computer and asks them to log in. They put in their username and password and then another box comes up asking how they want MFA to work.<\/p>\n
You can use several mobile apps (most orgs I work with just use the MS Authenticator app), that they will need to download and log into. But they open the app, get the code, enter it and they are in.<\/p>\n
They can also use SMS to get their code.<\/p>\n
There are also options to ‘trust this device for 30 days’ so they don’t have to put in MFA codes every time.<\/p>\n
Most people are pretty used to this process as more and more sites are using it as an additional security layer out in the wild.<\/p>","upvoteCount":1,"datePublished":"2020-11-14T02:40:02.000Z","url":"https://community.spiceworks.com/t/office-365-business-standard-multifactor-authentication/781874/2","author":{"@type":"Person","name":"darren-for-cdw","url":"https://community.spiceworks.com/u/darren-for-cdw"}},"suggestedAnswer":[{"@type":"Answer","text":"
Full disclosure MS docs confuse me more than help me and a lot of blogs around MFA seem watered down or too vague. I’m sure many spiceheads have already taken this security step, so I’m kind of look for the short and sweet on the process.<\/p>\n
We’re licensed O365 Business Standard and I want to enable MFA. What do I need to know or what should I look out for? We rely on Word, Excel, Outlook, and Teams primarily. We don’t use web apps much, so when I flip the switch what happens? I have 1 user that uses an older version of Office suite - if that matters.<\/p>\n
We don’t sync AD with O365 at this time, so things are separate between the services.<\/p>","upvoteCount":4,"datePublished":"2020-11-13T18:53:56.000Z","url":"https://community.spiceworks.com/t/office-365-business-standard-multifactor-authentication/781874/1","author":{"@type":"Person","name":"networks-jj","url":"https://community.spiceworks.com/u/networks-jj"}},{"@type":"Answer","text":"
So like a good admin I learned that our O365 domain was setup pre Modern Authentication enabled by default, so our accounts are only using Basic Auth. After enabling MFA for the admins yesterday we were prompted to re-auth everything EXCEPT the Outlook client. I noticed this morning some login failures in Azure AD and it seems to be some services from the Outlook client because we’re using Basic Auth and were never prompted for the app password MS assigned us.<\/p>\n
As I’m reading we need Modern Auth enabled for MFA, so my bad. Reading though if I enable Modern Auth now it should only impact the users with MFA also turned on. What I’m concerned with is forcing everyone to reauth all the MS stuff for Modern Auth and then turning MFA force them to do it again. A lot of folks don’t know their O365 passwords, so it’s a burden on helpdesk to make these changes. I’m just trying to understand what will happen and I don’t see a way to limit Modern Auth to certain users.<\/p>","upvoteCount":1,"datePublished":"2020-11-17T12:18:59.000Z","url":"https://community.spiceworks.com/t/office-365-business-standard-multifactor-authentication/781874/3","author":{"@type":"Person","name":"networks-jj","url":"https://community.spiceworks.com/u/networks-jj"}},{"@type":"Answer","text":"
Kind of talking to myself here, but incase someone else stumbles on this later.<\/p>\n
I enabled Modern Auth for our domain and nothing amazing happened. I forced logout on all of my sessions before Outlook client asked me re-authorize with MFA, but after that all was good. I’m waiting to see how long until my other MFA test subjects are prompted without intervention, but that’s just for my own information. Next step is MFA for everyone…<\/p>","upvoteCount":1,"datePublished":"2020-11-17T17:36:25.000Z","url":"https://community.spiceworks.com/t/office-365-business-standard-multifactor-authentication/781874/4","author":{"@type":"Person","name":"networks-jj","url":"https://community.spiceworks.com/u/networks-jj"}},{"@type":"Answer","text":"
LOL, you definitely are not just talking to yourself! Glad your testing went well, I think that when you roll this out, there will be the inevitable minor hiccups, but it should go well.<\/p>\n
Definitely let us know how it goes!<\/p>","upvoteCount":1,"datePublished":"2020-11-18T04:02:43.000Z","url":"https://community.spiceworks.com/t/office-365-business-standard-multifactor-authentication/781874/5","author":{"@type":"Person","name":"darren-for-cdw","url":"https://community.spiceworks.com/u/darren-for-cdw"}},{"@type":"Answer","text":"
Hey @networks-jj<\/a> I’m looking into a migration to O365 for our environment and have been given information stating MFA is included on Business Premium, but NOT included on Business Standard. Obviously, your post here is stating differently. (Maybe @darren-for-cdw<\/a> might be able to advise too?)<\/p>\n