Increasing your account security with Microsoft 365 Security Defaults (for users)

Microsoft authenticator app

This is how to set up two factor authentication with your Microsoft 365 account, if your tenant has Security Defaults enabled.

To start, please visit and login, if you have not already set up the Microsoft Authenticator app then you will be prompted to do so. This needs to be done within the next 14 days. Once this process is completed, you will occasionally be required to use the Authenticator app to confirm your identity when logging in to your account.

The next time you sign in, you will be requested for more information:


You will then be prompted to set up the Microsoft Authenticator app:


Follow the instructions to download and set up the app – download Microsoft Authenticator from the Apple App Store or Google Play Store, add a Work account, and scan the QR code. Click Next when you have scanned the code.


Then you will receive a notification through the app to confirm that it has been configured correctly:

Next, you will be prompted to add a phone number and alternative email address. You can use one of these methods in case you don’t have access to the app, for example if you don’t have your phone, have no internet connectivity, or replaced your phone. Whilst you can cancel this stage it is highly recommended that you do at least one of these.

The Authentication Phone can be either an SMS or a call, so you could use a mobile or landline number. Authentication email should be a separate personal account such as gmail or hotmail.


Once done, we also recommend that you go into the Authenticator app, select Settings, select Backup, and then turn on iCloud backup. If you lose or replace your phone, you can use this to recover the app configuration.

Note that you can always change this information later by visiting

From now on, you may need to use the app, or alternative phone or email to confirm unusual signins (e.g. from a new location) or if you are accessing sensitive information such as changing your password.

Note for iPhone and iPad users:

  • If you use the Mail app on iOS, you may need to remove and add the account again.
  • If this does not work, install the Outlook app and contact support who should be able to get the mail app working again.

If you have changed your phone and are unable to access your account, please see our other article here: Gaining access to your Office 365 account if you have replaced your phone and have MFA enabled – Cloudrun

Posted in Knowledge Article, Office 365, Security

Related Posts


  1. Pingback:Increase your Office 365 security for free with Security Defaults (for admins) - Cloudrun

  2. Pingback:Gaining access to your Office 365 account if you have replaced your phone and have MFA enabled - Cloudrun

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: