How to check if MFA is enabled in Office 365

Hi Everyone this is Prem, I have worked as Microsoft 365 support ambassador. We see a lot of ticket where the users wants to know how to check if MFA is enabled.


MFA full form is Multi Factor Authentication. In this post, we will see the places/method where we can turn on MFA in Office 365.


There are 3 method where we can turn on the Multi-factor Authentication on a tenant, lets talk about each of them one by one.


How to check if MFA is enabled in Office 365 from Legacy Portal:

You have to be a admin of the tenant to be able to turn it ON or to even view the page for MFA setup.

A global admin account has the required permissions and can be used to turn MFA On or Off for users.


To check, open browser > visit https://Office.com and Sign in with your admin account, Once signed in, Click on the Admin tile.

 

Click on Users then Active users page and then click on Multi-factor Authentication option on the top: 


How to check if MFA is enabled in Office 365


Multi-factor authentication portal also known and legacy MFA portal will open as seen below:

How to check if MFA is enabled in Office 365


Here the user who already has MFA turned On, will have the status as Enabled or Enforced.

 

For the users who has the status Disabled, it mean that it is not Enabled for them.

 

Select the user and select Enable or Disable as per your need to turn it on or off for that user:


How to check if MFA is enabled in Office 365


There are other places as well where we can turn on MFA in office 365.


How to check if MFA is enabled in Office 365 using Conditional Access Policy:

Lets go back to Microsoft admin center, https://admin.microsoft.com/ and click on All admin centers, then click on Azure Active directory (Now known as Identity):


admin center


Once we are in the Azure active Directory (Identity) we will look for Protection and under Protection click on Conditional Access:


identity

On the Conditional Access page, click on PoliciesIf you see the +New policy option greyed out, it means that you do not have license that support creating of Conditional access policy, so this option is not where MFA is turned ON for your tenant. 

Conditional access policy can help with setting up device restriction as well. It can help in device based access, IP based access , etc.

If you are able to click on new policy option or you have the required license or have created Conditional Access Policy on your tenant then, you will have to check if any policy is step up with MFA as a requirement.

Only the Policy with current State as ON would be currently effective, you can ignore the one which are Off: