Enable or disable multi-factor authentication
Multi-factor authentication (MFA) prevents unauthorized access to your Microsoft 365 account. MFA requires a verification method, like a code sent to you in a text message, whenever you sign in to your account. If your password is ever compromised, attackers can't duplicate this verification method and are blocked from accessing your account.
Enable multi-factor authentication
Turn on MFA to require adding a verification method for selected users.
- Sign in to Outlook on the web with your Microsoft 365 email address and password.
- After you're signed in, go to the multi-factor authentication page.
Note: If you’re not an admin but try to access the page, you’ll see the error message “You do not have sufficient permission to access this page.”
- To enable MFA for a specific user, select the checkbox next to their display name. quick steps will display on the right.
- Select Enable.
- In the confirmation window, select enable multi-factor auth, and then select close. MFA will be enabled for the selected user.
- Select the checkbox for the same user. Under quick steps, select Enforce.
- Sign out and then sign back in to Outlook on the web with the email account that had MFA enforced. Enter a phone number for your MFA method, and then select Next.
- If you don't want to provide a phone number, use the Microsoft Authenticator app instead.
- After enabling MFA, you'll receive an app password for email clients using basic authentication, like Outlook 2010. Make note of it, and then select Done.
We recommend adding another sign-in method in case you lose access to your primary method.
Disable multi-factor authentication
Turn off MFA to stop requiring a verification method for the selected users. They'll only need their email address and password to sign in.
- Sign in to Outlook on the web with your Microsoft 365 email address and password. If you don't have access to the sign-in method, reset your MFA first.
- After you're signed in, go to the multi-factor authentication page.
- To disable MFA for a specific user, select the checkbox next to their display name. quick steps will display on the right.
- Select Disable.
- In the confirmation window, select yes and then select close. MFA will be disabled for the selected account.
Related steps
- Add or change my multi-factor authentication method
- I can't access my multi-factor authentication method
More info
- To enable MFA for all users in your organization and require additional verification for admins, manage your security defaults.
- When securing your mailbox, you might want to sign out of all devices and reconnect using MFA.
- We also recommend securing your GoDaddy account with 2-step verification.