What is MFA?

What is Multi-Factor Authentication (MFA)?

Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. MFA is a core component of a strong identity and access management (IAM) policy. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber-attack.

How Does MFA work?

MFA works by requiring additional verification information (factors). One of the most common MFA factors that users encounter are one-time passwords (OTP). OTPs are those 4 to 8 digit codes that you often receive via email, SMS or some sort of mobile app. With OTPs a new code is generated periodically or each time an authentication request is submitted. The code is generated based upon a seed value that is assigned to the user when they first register and some other factor which could simply be a counter that is incremented or a time value.

What is an “App password”?

After you turn on two-step verification or set up the Authenticator app, you may run into issues if you use apps or older devices that don’t support two-step verification. If you have two-step verification turned on and an app isn’t prompting you to enter a security code when you sign in, you may be able to sign in with an app password instead. An app password is a long, randomly generated password that you provide only once instead of your regular password when signing in to an app or device that doesn’t support two-step verification. You only need to create an app password if you have two-step verification turned on and are using an app that doesn’t support it.

For Microsoft 365 / Outlook, creating an app password is a simple process.

  • Log into your account at https://outlook.office.com

  • At the top right, click your initials and click on ‘View Account’

  • In the left pane click on ‘Security Info’

  • Click ‘Add Method’, and in the dropdown box for ‘Choose a method’ select ‘App password’

  • You will be asked for a name for your app password, you can just name it ‘Outlook1’

  • You will then be given a long randomly generated password.

  • You will only need this password ONCE for Outlook.

Share This Post