Hi Everyone this is Prem, I have worked as Microsoft 365 support ambassador. We see a lot of ticket where the users wants to know how to check if MFA is enabled.
MFA full form is Multi Factor Authentication. In this post, we will see the places/method where we can turn on MFA in Office 365.
There are 3 method where we can turn on the Multi-factor Authentication on a tenant, lets talk about each of them one by one.
How to check if MFA is enabled in Office 365 from Legacy Portal:
You have to be a admin of the tenant to be able to turn it ON or to even view the page for MFA setup.
A global admin account has the required permissions and can be used to turn MFA On or Off for users.
To check, open browser > visit https://Office.com and Sign in with your admin account, Once signed in, Click on the Admin tile.
Click on Users then Active users page and then click on Multi-factor Authentication option on the top:
Here the user who already has MFA turned On, will have the status as Enabled or Enforced.
For the users who has the status Disabled, it mean that it is not Enabled for them.
Select the user and select Enable or Disable as per your need to turn it on or off for that user:
There are other places as well where we can turn on MFA in office 365.
How to check if MFA is enabled in Office 365 using Conditional Access Policy:
Lets go back to Microsoft admin center, https://admin.microsoft.com/ and click on All admin centers, then click on Azure Active directory (Now known as Identity):
Once we are in the Azure active Directory (Identity) we will look for Protection and under Protection click on Conditional Access:
If you are able to click on new policy option or you have the required license or have created Conditional Access Policy on your tenant then, you will have to check if any policy is step up with MFA as a requirement.
Only the Policy with current State as ON would be currently effective, you can ignore the one which are Off:
Note: Do make sure to only make changes in the conditional access Policy if you are fully aware of how it will affect you.
How to check if MFA is enabled in Office 365 Option 3 using Security Defaults:
This option is by default available on all the office 365 tenant and does not requires additional licenses.
We will go back to Identity Admin center, click on Identity then Overview page and then click on Properties:
Then scroll down and below Security defaults option, we will click on Manage Security Defaults:
If it is set to “Enabled” it means Multi-factor Authentication on your tenant, is Enabled from this option.
You can simply select the drop down and select Disabled and then click on Save to turn if off for everyone in your organization:
These are the 3 option from where we turn on Multi-factor Authentication in Office 365. Do let us know if this helped.
Date: 3/1/2022
Author: Prem
Tags: How to check if MFA is enabled in Office 365
Pingback: Multi Factor Authentication Setup in Office 365 - The Admin 365
Thanks for sharing. If you want to check MFA status using PowerShell, I’ve written PowerShell scripts to address multiple use cases.
https://m365scripts.com/security/check-mfa-status-for-microsoft-365-users-using-powershell/