Multi-factor authentication for your Office 365 dev/test environment
Summary: Configure multi-factor authentication using text messages sent to a smart phone in an Office 365 dev/test environment.
For an additional level of security for signing in to your Office 365 subscription, you can enable Azure multi-factor authentication, which requires more than just a username and password to authenticate an account. With multi-factor authentication for Office 365, users are required to acknowledge a phone call, type a verification code sent in a text message, or specify an app password on their smart phones after correctly entering their passwords. They can sign in only after this second authentication factor has been satisfied.
This article describes how to enable and test text message-based authentication for a specific Office 365 account.
There are two phases to setting up multi-factor authentication for Office 365 in a dev/test environment:
Create the Office 365 dev/test environment.
Enable and test multi-factor authentication for the User 2 account.
Click here for a visual map to all the articles in the One Microsoft Cloud Test Lab Guide stack.
Phase 1: Build out your lightweight or simulated enterprise Office 365 dev/test environment
If you just want to test multi-factor authentication in a lightweight way with the minimum requirements, follow the instructions in phases 2 and 3 of Office 365 dev/test environment.
If you want to test multi-factor authentication in a simulated enterprise, follow the instructions in DirSync for your Office 365 dev/test environment.
Testing multi-factor authentication does not require the simulated enterprise dev/test environment, which includes a simulated intranet connected to the Internet and directory synchronization for a Windows Server AD forest. It is provided here as an option so that you can test multi-factor authentication and experiment with it in an environment that represents a typical organization.
Phase 2: Enable and test multi-factor authentication for the User 2 account
Enable multi-factor authentication for the User 2 account with these steps:
Open a separate instance of your browser, go to the Office 365 portal (https://portal.office.com), and then sign in to your Office 365 trial subscription with your global administrator account.
From the main portal page, click Admin.
In the left navigation, click Users > Active users.
In the Active users pane, click More > Setup Azure multi-factor auth.
In the list, select the User 2 account.
In the User 2 section, under Quick steps, click Enable.
In the About enabling multi-factor auth dialog box, click Enable multi-factor auth.
In the Update successful dialog box, click Close.
On the Microsoft Office Home tab, click the user account icon in the upper right, and then click Sign out.
Close your browser instance.
Complete the configuration for the User 2 account to use a text message for validation and test it with these steps:
Open a new instance of your browser.
Go to the Office 365 portal (https://portal.office.com) and sign in with the User 2 account (user2@<organization name>.onmicrosoft.com) and password.
After signing in, you are prompted to set up the account for additional security validation. Click Set it up now.
On the Additional security verification page:
Select your country or region.
Type phone number of the smart phone that will receive text messages.
in Method, click Send me a code by text message.
Enter the verification code from the text message received on your smart phone, and then click Verify.
On the Step 3: Keep your existing applications page, record the displayed app password for the User 2 account in a secure location, and then click Done.
If this is the first time you signed in with the User 2 account, you are prompted to change the password. Type the original password and a new password twice, and then click Update password and sign in. Record the new password in a secure location.
You should see the Office 365 portal for User 2 on the Microsoft Office Home tab of your browser.