Microsoft 365 - Enable Two-Factor Authentication for Microsoft 365 & Remote Desktop Gateway

    Overview, Purpose, & Scope
    This procedure is to be used when enabling two-factor authentication for Office/Microsoft 365 accounts as well as for Microsoft Remote Desktop Gateway using DUO Mobile.

    Link to Autotask Ticket to Create or Edit this Procedure: ww3.autotask.net/Autotask/AutotaskExtend/Execu...

    1. 1

      Provide a phone number for multi-factor authentication (MFA) codes to be sent to

      1. Navigate to the Office portal and enter your email address and password to log in to your account.
      2. Once your credentials have ben entered, you will receive a prompt stating that More information is required. Click Next.
      3. Enter your mobile phone number in the text field next to United States (+1). Ensure that Sent me a code by text message is selected then click Next.
      4. You will then receive a text message containing a randomized six digit code. Enter your code in to the text box that will present itself on-screen. Click Verify.
      5. At this point, two factor authentication has been enabled on your Office account. 
    2. 2

      Reach out to Next7 to confirm completion

      Once two-factor authentication has been enabled on your account, reach out to Next7 support via email at: support@next7it.com to inform us that this has been completed for your account.

      Once confirmed, the Next7 team will then enforce that your account uses two-factor authentication. This will force Office applications (Outlook, Word, Excel, etc.) and mobile devices to request that an MFA code be entered before you can access your account.
    3. 3

      Enter MFA code for Office applications

      1. It can take up to one hour for Office applications to detect that a security change has gone in to affect for your account. If you have an Office application open (Outlook), you may receive a pop-up asking you to enter your password followed by another MFA code that will be sent to your phone. Enter the code when prompted.
      2. Once your password and MFA code have been entered, you will then have access to your Office applications again. 
    4. 4

      Enter MFA code for Samsung Email, Apple IOS Mail, or Outlook mobile app

      Samsung/Android Email app

      1. If you are utilizing the native Samsung/Android Email app to access your email, you will receive a pop-up notification on your phone stating that you need to enter your password for your email account. 
      2. You will then be taken to the settings for this account. When prompted, enter your email password. You will then receive a MFA code sent to your phone. Enter the code when prompted and save your current settings.

      Apple IOS Mail app

      1. If you are utilizing the native Mail app to access your email, you will receive a pop-up notification on your phone stating that you need to enter your password for your email account. Click Edit Settings.
      2. You will then be taken to the settings for this account. When prompted, enter your email password. You will then receive an MFA code sent to your phone. Enter the code when prompted and save your current settings.

      Outlook mobile app

      1. Launch the Outlook app on your phone.
      2. You will then be prompted to enter an MFA code that will be sent to your phone. Enter code then click Verify.
      3. Once the code has been entered, you will then be taken to your inbox.
    5. 5

      Install Duo Mobile app on your phone

      Apple IOS

      1. Navigate to the App store and search for Duo Mobile
      2. Click on Get next to the app name to download the app


      Google Play Store

      1. Navigate to the Google Play Store and search for Duo Mobile
      2. Click on Install next to the app name to download the app
    6. 6

      Enroll with Duo Mobile authentication

      1. Once you have reached out to Next7 stating that MFA has been enabled for your Office 365 account, Next7 will be sending an email to your mailbox with DUO enrollment instructions.
      2. Once you have received your Duo Security Enrollment email, click on the link provided under To begin, click on this link to enroll a phone, tablet, or other device: to begin enrollment.
      3. Once you have clicked on the link, you will be directed to a web page. On the initial web page click Start setup.
      4. Click the selection for Mobile phone then click Continue.
      5. Enter your mobile phone number and confirm by ticking the text box stating that this is the correct number. Click Continue.
      6. Confirm your mobile device type and click Continue.
      7. Click I have Duo Mobile installed.
      8. Open the DUO mobile app from your phone and click on the + icon to add a new account.
      9. Using your phone's camera, scan the QR code present on your DUO enrollment screen on the computer. A green check mark will then be covering the QR code and you will now see an account in your DUO mobile account with a six digit code. From your DUO enrollment page, click Continue.
      10.  Finally, from the drop-down menu for When I log in:, choose Automatically send this device a Duo Push. Click Finish Enrollment. 
      11. You are now enrolled with Duo Mobile!