What is MFA?
What is Multi-Factor Authentication (MFA)?
Multi-factor Authentication (MFA) is an authentication method that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN. MFA is a core component of a strong identity and access management (IAM) policy. Rather than just asking for a username and password, MFA requires one or more additional verification factors, which decreases the likelihood of a successful cyber-attack.
How Does MFA work?
MFA works by requiring additional verification information (factors). One of the most common MFA factors that users encounter are one-time passwords (OTP). OTPs are those 4 to 8 digit codes that you often receive via email, SMS or some sort of mobile app. With OTPs a new code is generated periodically or each time an authentication request is submitted. The code is generated based upon a seed value that is assigned to the user when they first register and some other factor which could simply be a counter that is incremented or a time value.
What is an “App password”?
After you turn on two-step verification or set up the Authenticator app, you may run into issues if you use apps or older devices that don’t support two-step verification. If you have two-step verification turned on and an app isn’t prompting you to enter a security code when you sign in, you may be able to sign in with an app password instead. An app password is a long, randomly generated password that you provide only once instead of your regular password when signing in to an app or device that doesn’t support two-step verification. You only need to create an app password if you have two-step verification turned on and are using an app that doesn’t support it.
For Microsoft 365 / Outlook, creating an app password is a simple process.
Log into your account at https://outlook.office.com
At the top right, click your initials and click on ‘View Account’
In the left pane click on ‘Security Info’
Click ‘Add Method’, and in the dropdown box for ‘Choose a method’ select ‘App password’
You will be asked for a name for your app password, you can just name it ‘Outlook1’
You will then be given a long randomly generated password.
You will only need this password ONCE for Outlook.