MFA: When it comes to cyber defense, the little things can mean a lot

Defending your data, operating systems and, to be candid, business against sophisticated cyberthreats requires a multi-layered approach. Some of those defenses are, themselves fairly complex and best left to a professional IT services team. But many are quite simple, and can (should!) be done at the ground level.

One of the easiest ways to “harden” your system against cybercrime is also one of the most commonly overlooked or forgotten tasks on the cyber defense checklist. So today, we’re going to take a couple of minutes and urge anyone reading this—client or not—to take a moment to make it happen.

Let’s talk about enabling your Microsoft 365 operating system for multi-factor authentication. And yes, using multi-factor authentication can be a minor inconvenience. However, the inconvenience of being locked out of one’s own system while it’s exploited by hackers or criminals is quite a bit greater. The following is taken directly from Microsoft Support:

  1. Sign in to Microsoft 365 with your work or school account with your password like you normally do. After you choose “Sign in,” you’ll be prompted for more information.
  2. Choose “Next.”
  3. The default authentication method is to use the free Microsoft Authenticator app. If you have it installed on your mobile device, select Next and follow the prompts to add this account. If you don’t have it installed there is a link provided to download it.

    If you would rather use SMS messages sent to your phone instead, select “I want to set up a different method.” Microsoft 365 will ask for your mobile number, then send you an SMS message containing a 6-digit code to verify your device.

    Tip: For a faster, and more secure, experience we recommend using an authenticator app rather than SMS verification.

  4. Once you complete the instructions to specify your additional verification method, the next time you sign in to Microsoft 365, you’ll be prompted to provide the additional verification information or action, such as typing the verification code provided by your authenticator app or sent to you by text message.


Note: Generally you’ll only need the additional verification method the first time you sign into a new app or device, or after you’ve changed your password. You probably won’t be asked for the additional verification code on a daily basis, unless your organization requires it.

We at Premier One make it a point to enable multi-factor authentication on all operating systems we install or upgrade. It only takes a moment for the user to get started, but the benefits can be exponential! Find out more about updating or deploying a modern cyber defense plan at

Share this post