Reply to post: Office 365 MFA is fun

How to make people sit up and use 2-factor auth: Show 'em a vid reusing a toothbrush to scrub a toilet – then compare it to password reuse

Anonymous Coward
Anonymous Coward

Office 365 MFA is fun

I set it up for my organisation last year and, whilst the backend is merely awful (web pages that have a few lines of text, no common navigaiton structure with the rest of the O365 admin area), the setup for the desktop Outlook application is bonkers. Newer Office apps (Teams etc.) can utilise the MFA SMS / authorisation apps but Outlook needs a password. Not your O365 password, no - that would be insecure. Outlook requires a system-generated 15 character (always all letters, all lower case) one that the user then has to type or paste in; the app remembers it but they will need it (or need to generate another - multiples are allowed) if they wish to open Outlook on a second Windows device. What do MS think most users going to do with such a password?

The whole system is a nightmare and not easy to use, never mind administer; I wouldn't blame any admin not implementing it, never mind a user for resisting it. I've only been a user of other systems (gmail, Apple, BitDefender etc. etc.) but they are all simple, intuitive and logical in comparison.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon