Dec 16 2016 11:01 AM
Dec 16 2016 04:22 PM
For external users with a live ID the user would have to enable multi-factor authentication individual for themselves at https://account.live.com/proofs/Manage. You cannot enforce it.
External Office365 users need to set it up in there own Tenant. You cannor enforce this either.
Jan 10 2017 04:43 AM
You should be able to apply MFA for external users by purchasing the Azure MFA provider from Azure. See https://azure.microsoft.com/pricing/details/multi-factor-authentication/ for pricing.
If you purchase a Per Authentication license then you can apply this for external users.
See also https://docs.microsoft.com/en-us/azure/multi-factor-authentication/multi-factor-authentication-how-i... for more details.
Jan 12 2017 03:04 AM
You could use a parent child construction on the live id. Have the child been set up to use 2FA and hand it over to the extenal party. It is a bit far fetched but it will do the trick :)
Jan 12 2017 04:44 AM
Thanks for your freedback. The customer ended up doing what I suggested in the first place. Encrypt an USB stick and courier it. The encryption key was sent to them by text message.