Microsoft 365 MFA
Multi-Factor Authentication (MFA) adds an extra layer of security to your Microsoft 365 account by requiring a second verification step in addition to your password. This guide will walk you through enabling MFA using both SMS and Time-Based One-Time Password (TOTP) methods.
Multifactor authentication (MFA) has become mandatory on IONIS accounts on Wednesday the 9th of March, 2022. In case you already set up MFA earlier and you changed phone number or removed the authenticator app, you need to remove the old method or you will lose access to your account.
If you lost access to your account, you must send us a ticket with a proof of identity (ID card, student card).
To manage your MFA methods (List, Add, Delete...), go to the "Security Info" section of your M365 Account (Click on your Profile Picture at the top right corner > View Profile). You can also follow this link.
Add a MFA method
When you connect for the first time, you'll need to add an MFA method. Otherwise,when you are on the "Security Info" section of your M365 Account (see above), click on "Add a Sign in method":
- Using Microsoft Authenticator
- Using Other Auth App (TOTP)
- Using Phone Number
This method uses Microsoft Authenticator to verify your identity. (Android / iOS). This method is much more reliable as code generation is done offline, so you don't have to wait for a message to come.
- Select
Mobile appas method, then Next - Microsoft Authenticator is the default MFA App, then click on Next until you get a QR Code
- On your mobile phone, open the Microsoft Authenticator App, click on "Professional or Student Account" and then on "Scan a QR Code"
- Scan the QR Code on your computer using your smartphone.
- Click "Next" then "Next" again.
- Enter the code as seen in the app and click "Verify". Make sure you do it before the code expires, otherwise you will have to do it again.
- If asked, fill in the input with your phone number and click "Done", it will be used in case you uninstall the app without disabling MFA in your account settings.
The phone number is not verified by Microsoft, if you do not wish to share your real number or do not have access to a working phone subscription, you may enter a bogus number at your risks.
This method uses an app (Google Authenticator, Authy...) and a time-based algorithm to generate codes that you can use to login. This method is much more reliable as code generation is done offline, so you don't have to wait for a message to come.
- Select
Mobile appas method, then Next - Click on "Use another Authentication App" then click on Next until you get a QR Code
- On your mobile phone, open your app, add a account and selectthe QR Code method
- Scan the QR Code on your computer using your smartphone.
- Click "Next" then "Next" again.
- Enter the code as seen in the app and click "Verify". Make sure you do it before the code expires, otherwise you will have to do it again.
- If asked, fill in the input with your phone number and click "Done", it will be used in case you uninstall the app without disabling MFA in your account settings.
The registered phone number will receive a unique one-time code via SMS or Phone call every time you login to your M365 Account. This code is time-sensitive and valid only for a short duration.
In some rare cases, this method can be unreliable and it can take up to a few minutes for Microsoft to send you the message.
- Select
Authentication Phoneas method - Fill in the input with your phone number
- You should receive a SMS from Microsoft with a validation code
- Type the code in the input, then click "Verify"
Remove a MFA method
Click on "Delete" next to the MFA method you want to delete.
Setting up Thunderbird with MFA
Thunderbird needs a special configuration in order to work with MFA. If you need to configure your Thunderbird client, please refer to section Emails: Thunderbird