01455 247 830
07897 001 247
Back to help centre

Microsoft Multifactor Authentication

Microsoft Multifactor Authentication, or MFA, is an additional layer of authentication that protects your users Office 365 accounts against vulnerabilities such as hacking.

Why do I need it?

All Microsoft 365 accounts receive multiple attempted attacks per day. If an attack is successful and a users Microsoft 365 account is compromised, attackers gain access to all of their Microsoft 365 services which can include anything from Outlook, SharePoint, OneDrive, Teams and potentially other services linked with your account, including but not limited to billing or your Azure hosting environment.

One of the main risks of a compromised account is financial loss, mainly due to ‘man-in-the-middle- attacks such as email hijacking. This is when the attacker gains access to a target’s email account and monitors communications in order to use the information for malicious purposes. For instance an attacker might intercept messages between your user and a client, instructing the client to pay funds into the attackers account rather than your own. Alternatively they could use the information they gather to instruct your bank to move funds from your account to their own account.

How does Microsoft Multifactor Authentication work?

Microsoft MFA is currently available with all Microsoft 365 subscriptions and works by requiring the two following authentication methods:

• A password
• Verification to a trusted device

This verification is most commonly a call or text message and it is best practice for this to go to a trusted device that is specific to the user, such as a company or personal mobile phone. There are alternatives, such as hardware tokens, however these require additional licensing.

By using two forms of authentication Microsoft MFA is ensuring your accounts are up to 99.9% less likely to be compromised*.
Only using a password leaves Microsoft 365 accounts vulnerable to attack. If the password is weak or has been exposed elsewhere, how do you know if it is the user signing in or if it is an attacker? Requiring a second form of authentication increases the accounts security, as this additional step is not easy for an attacker to obtain or duplicate.
* www.microsoft.com/en-gb/security/business/identity/mfa - June 2020

Get setup with Microsoft MFA

We recommend that all businesses using Microsoft 355 configure Microsoft Multifactor Authentication to protect their data. Give us a call today to find out how!
Talk to us today!More Info

IT3000 Limited

At IT3000 we are an ISO 9001 and ISO 27001 accredited Midlands and South West based IT support/ managed services provider who specialise in providing IT support and services to organisations nationwide. Our extensive help desk team, as well as offices in Leicestershire and Dorset allow us to work with a wide variety of companies across the UK.
Join Our Mailing List
Copyright © 2023 IT3000 Limited
IT3000 Limited, The Barn, Bridge Farm, Holt Lane, Ashby Magna, Lutterworth, Leicestershire, LE17 5NJ
linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram