Multifactor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction.
Multifactor authentication combines two or more independent credentials: what the user knows (password), what the user has (security token) and what the user is (biometric verification). The goal of MFA is to create a layered and make it more difficult for an unauthorized person to access a target such as a physical location, computing device, network or database. If one factor is compromised or broken, the attacker still has at least one more barrier to breach before successfully breaking into the target.
Set up Multi-factor Authentication in the Microsoft 365 Admin
In the Admin Center, go to Users > Active users.
IMPORTANT: Before you select a user, choose More (...) > Setup Azure multi-factor authentication.
If you're using the preview version of the admin center, you can find the option for MFA here:
In the classic version, you'll find it here:
Find the people for whom you want to enable MFA. In order to see everyone, you might need to change the Multi-Factor Auth status view at the top.
The views have the following values, based on the MFA state of the users:
Any Displays all users. This is the default state.
Enabled The person has been enrolled in has not completed the registration process. They will be prompted to complete the process the next time they sign in.
Enforced The person may or may not have completed registration. If they have completed the registration process, then they are using MFA. Otherwise, they will be prompted to complete the process the next time they sign in.
Select the checkbox next to the people for whom you want to enable MFA.
On the right, under quick steps, you'll see Enable and Manage user settings. Choose Enable.
In the dialog box that opens, choose to enable multi-factor auth.