1. Sign in to the Office 365 admin center.

  2. Click usersActive Users.

  3. Click Setup under Set Multi-factor authentication requirements:

  4. Find  users to enable for multi-factor Authentication . In order to see all the users, you might need to change the view at the top: any,Enabled and Disabled

  5. Check the Checkbox next to the names you chose.This will reveal two options on the right: Enable and Manage user settings. Choose Enable.

  6. In the dialog box that opens, choose enable multi-factor authentication


Allow MFA users to create App Passwords for Office client applications

  1. Multi-factor authentication is enabled per user. This means that if a user has been enabled for multi-factor authentication and they are attempting to use non-browser clients, such as Outlook 2013 with Office 365, they will be unable to do so. An app password allows this to occur. An app password, is a password that is created within the Azure portal that allows the user to by-pass the multi-factor authentication and continue to use their application.

    IMPORTANT: All the Office 2013 client applications support Multi-Factor Authentication through the use of the Active Directory Authentication Library (ADAL). This means that app passwords are not required for Office 2013 clients.

    Sign in to the Office 365 admin center.

  2. In the admin center, choose users  > Active Users.

  3.  Next to Set Multi-factor authentication requirements, choose Set up.

  4. On the multi-factor authentication page, choose service settings

  5. Under app passwords, choose Allow users to create app passwords to sign into non-browser applications


  6. This allows users to use client Office applications, but they will have to enter a password of their choosing first.

  7. Click Save, and then Close.

To manage user settings
  1. Find  user or users you want to manage and select the checkbox next to their names.

  2. This will bring up two options on the right, Enable and Manage user settings

  3. Choose Manage User settings. In the dialog select one or more of Require selected users to provide contact methods againDelete all existing app passwords generated by the selected users, or Restore Multi-Factor Authentication on all suspended devices. Make your selections and choose Save.