A new feature has been made available in preview to Office365 customers to enable multi-factor authentication for selected or all users in the Office365 tenancy.
It’s straight forward to configure in just two steps.
Once you are logged in to the Office365 portal (portal.microsoftonline.com), under Users and Groups you should see a new option for ‘Set stronger verification requirements’
You should see a list of all your global admins, you can change to see different admins using the combo box at the top of the screen.
Select the administrator(s) you want to enable MFA for and click Enable under quick steps. Then when prompted click yes to enable MFA for the selected accounts. Make sure you understand that Admin Accounts using MFA are not able to use any non-browser based applications such as powershell, outlook or Lync.
If all has gone well you should see the confirmation to say update successful.
Now log into the portal or OWA using your newly enabled MFA account. And you should be prompted to set up MFA for that account.
Click set it up now and then enter the mobile phone number you want to use for authentication and click save
Click to verify preferred option and you should receive a phone call on the nominated number
That’s it, your account is all configured. The next time you login to the portal or OWA, you log in as normal with your email and password, and then you will receive a call on your nominated number – simply press the # key on the phone and the sign in process will continue.