Skip links

Sign in Securely

Add stronger locks with two-factor authentication

Knowing who is on the network and accessing your information is crucial. An important way to help with that is the use of multi-factor authentication (also known as two-factor authentication, or 2FA).

2FA requires multiple credentials, making it much harder for an attacker to gain access to your accounts. With 2FA, a user needs the following:

  • Something you know, such as a password
  • And/or something you have, such as a token (Google Authenticator, Authy, Okta, RSA, etc.) or a verification code sent to your phone, or
  • Something you are, such as your fingerprint or face (biometrics)

Depending on your environment, the actions that need to be taken to implement 2FA will differ.  You will need to take appropriate action.

If your organization has a centralized work environment (servers are located at a central office), then the IT department will most likely use RSA, Symantec VIP or some sort of corporate 2FA mechanism.

If your organization is more decentralized and using the cloud for many services, this is where you and your IT department will enable 2FA on those services and have users download an authenticator tool such as Google Authenticator or Authy (additional tools can be found in the GCA Cybersecurity Toolkit). The actions below are just a few examples of how to implement 2FA.



Note: You must be an Office 365 global admin to set up or modify multi-factor authentication.

  1. In the admin center, select Users and Active Users.
  2. In the Active Users section, Click on multi-factor authentication.
  3. On the Multi-factor authentication page, select user if you are enabling this for one user or select Bulk Update to enable multiple users.
  4. Click on Enable under Quick Steps.
  5. In the Pop-up window, Click on Enable Multi-Factor Authentication.

After you set up multi-factor authentication for your organization, your users will be required to set up two-step verification on their devices.


Note: Once your admin enables your organization with 2FA, you have to set up your account to use it.

  1. Check whether your Office 365 admin has turned on multi-factor authentication for your account. If they haven’t, when you try to do these steps you won’t see the options in Office 365.
  2. Sign into Office 365 with your work or school account with your password like you normally do. After you choose Sign in, you’ll see the option for Set it up now.
  3. Choose Set it up now.
  4. Select your authentication method and then follow the prompts on the page. Or, watch the video to learn more.
  5. After you verify your alternate contact method, choose Next.
  6. You’ll get an app password that you can use with Outlook, Apple Mail, etc. Choose the copy icon to copy the password to your clipboard. You won’t need to memorize this password.
  7. Once you complete the instructions to specify how you want to receive your verification code, the next time you sign into Office 365, you’ll be prompted to enter the code that is sent to you by text message, phone call, etc.

To have a new code sent to you, press F5.


  1. From the Admin console Home page, go to SecurityBasic settings.

To see Security on the Home page, you might have to click More controls at the bottom.

  1. Under Two-step verification, check Allow users to turn on 2-step verification.
    Any user in your top-level organization can turn on 2SV and set up any 2SV method.
  2. On the bottom right, click Save.


  1. Go to your Google Account.
  2. On the left navigation panel, click Security.
  3. On the Signing in to Google panel, click 2-Step Verification.
  4. Click Get started.
  5. Follow the steps on the screen.

Choose a second verification step: When you set up 2-Step Verification, you can choose your second verification step. To keep your account more secure, we recommend selecting Choose another option and setting up phone prompts or a security key.

More Questions?

If you have more specific questions about 2FA or access credentials, check out the GCA Cybersecurity Toolkit for Small Business and join us in our Community Forum, in the  Sign in Securely   channel to chat with other users and experts.

Join the community
Translate »