Office 365 MFA – App Passwords

Continuing on from my previous blog post on Office 365 MFA, another common requirement is for App passwords.

App passwords are needed when Multi-factor Authentication is Enforced on your account to login with non-web based applications like Outlook and Skype for Buisness. These are single use, per application passwords that are separate from your normal password.

App passwords need to be automatically generated on the https://myapps.microsoft.com website for use in these applications, please note that these passwords can not be customized.

  1. You will first need to login to  https://myapps.microsoft.com using your Office 365 account. From here click your name the top right corner of the screen and select the Profile option.

  2. On the Profile page click “Additional security verification”

  3. On the Additonal Security Verification page click “app passwords” and then click create.

  4. Give your password a name to identify which application you plan to use the password with.


  5. Copy the password and paste it into the application when requested. Please note that you can not view this password again. If you need to reinstall the application later, the best option is to remove the old app password and create another. Don’t store these passwords.

Office 365 MFA – Push notifications using the mobile app

Multi-factor Authentication (MFA) is one of the essential 8 strategies to help mitigate cyber security incidents as recommended by the Australian Department of Defence. However the biggest complaints end users give after enabling MFA in Office 365 is the delay in receiving SMS messages and having to type in a 6 digit code.

Luckily there is a simple solution offered by Microsoft in the form of the Microsoft Authenticator App which is available for Windows PhoneAndroid, and iOS.

  1. You will first need to login to  https://myapps.microsoft.com using your Office 365 account. From here click your name the top right corner of the screen and select the Profile option.

  2. On the Profile page click “Additional security verification”
  3. Check the box next to Authenticator App and then click the configure button
  4. Install the App onto your mobile device from the relevant store:  Windows PhoneAndroidiOS.
  5. Tap the app menu and select Add Account, then choose Work or School Account, and then scan the Barcode on your computer screen with your device’s camera.
  6. Back on the computer click Done, then on the “Additional Security Verification” page click Save.
  7. Go back into “Additional Security Verification” page from Step 2
  8. Change your preferred option to “Notify me though app” and click save.
  9. You will then need to verify the new method on your phone when the push notification appears.

You can now use notification on your phone to verify your account on Office 365.