How to setup TOTP for Office 365

What shall you do if your Office 365 account is hacked? Microsoft has documented extensively the problems and solutions on this page. They highly recommend that you enable Multi-Factor Authentication (MFA) in order to prevent compromised accounts, especially for accounts with administrative privileges. Microsoft offers a 2FA support allowing users to secure their accounts against such takeover attacks.

Right! Let's secure your Microsoft account with Authenly.

1. Locating the 2FA settings in Office 365

1.1 - To begin the process of securing your Microsoft account, log into your account and click on our profile image in the top right, then on the top bar click security!.

1.2 - You will arrive on the security basics page. To continue securing your account, go to the top right tab that says two-step verification.

2. Enabling Office 365's 2FA

2.1 - On this page you will see multiple security options. At the bottom of the page, there ias a tab called Additional Security. Click the Two-Step Verification button. You are one step closer to securing your account!

2.2 - Microsoft will briefly display a guide about how 2FA works. Once you have finished reading, click Next to proceed with securing your account against malicious attacks.

2.3 - You will have a choice of 2FA. In this instance, select to verify your identity with an Authenticator App

2.4 - Microsoft will show you a QR code ready to scan, and is awaiting a confirmation from you to validate your 2FA installation.

2.5 - Now open the Authenly app and tap the QR scan icon on the home screen, or access it via the menu.

As you scan the Microsoft QR code, this operation will install the 2FA on your mobile device, so that you can now secure your Microsoft account with Authenly.

Now go back to the Microsoft webpage and enter the code to finalise the installation of the 2FA.

Once you have setup the 2FA, Microsoft gives a little extra information on how 2FA works and what you will need to access your account in the future now that 2FA is activated. Once read, click the Got It button and turn On Two-Step Verification at the bottom of the page.

3. Your Office 365 is secured

3.1 - Done! Your Microsoft account is now secured with Authenly. You are now safe from malicious attacks by reuse of your username and password, and a potential loss of your Microsoft account, or any sensitive information that may be stored on your Microsoft account. Note that Microsoft provides a backup code, if required at any time, which you may save by screenshotting or any other method if you please, however Authenly offers a better backup protection than this (see below).

As you have experienced, installing a 2FA protection for a specific vendor account on your mobile device is quite a simple task to perform. We have built a list of 2FA installation guides for most major web applications, so that you can add safely and quickly an additional layer of security to your online account, and thereby also to your online identity.

4. Backup

Bear in mind that it is very important to keep a safe backup of your 2FA. Authenly is using a unique un-hackable offline secret to backup your 2FA-TOTP. This is a lot more secure than writing your 8 or 12 backup passcodes on paper or in a file accessible on your computer and/or on the cloud. It is also a lot more secure than letting your 2FA authentication app provider do the backup for you in their cloud (when they get hacked - not if... - your 2FA protection is rendered totally useless). Therefore, just make sure that you backup your 2FA-TOTP with Authenly as an offline secret, and be safe that you will not suffer any account lock-out and that you can restore at any time this 2FA onto any mobile device with your Authenly identity.

Need to understand and setup TOTP?

This short animated video will give you a good understanding of what is a Timed One-Time Password (or TOTP).


Frequently Asked Questions

Have questions? We’ve got answers. If you can’t find what you are looking for, feel free to get in touch.