MFA and Logging Into Other Accounts

%3CLINGO-SUB%20id%3D%22lingo-sub-807526%22%20slang%3D%22en-US%22%3EMFA%20and%20Logging%20Into%20Other%20Accounts%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-807526%22%20slang%3D%22en-US%22%3E%3CP%3EI've%20been%20pushing%20to%20get%20MFA%20enabled%20in%20our%20company%20but%20have%20had%20a%20question%20rise%20from%20some.%20One%20is%20if%20MFA%20is%20enabled%20will%20the%20owner%20of%20the%20company%20still%20be%20able%20to%20log%20in%20to%20other%20employees%20email%20accounts%20or%20will%20this%20be%20an%20issue%3F%20This%20might%20not%20sound%20like%20the%20most%20ethical%20thing%20but%20if%20he%2Fshe%20owns%20the%20company%20I%20believe%20all%20emails%20are%20theirs%20to%20read.%20This%20is%20used%20more%20when%20users%20are%20on%20vacation%20than%20for%20snooping%20purposes.%3C%2FP%3E%3CP%3EWe%20are%20currently%20using%20Office%20365%20Business%20Premium.%20Thanks%20in%20advance%20for%20those%20with%20experience%20in%20these%20matters.%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-807526%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EOffice%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-807547%22%20slang%3D%22en-US%22%3ERe%3A%20MFA%20and%20Logging%20Into%20Other%20Accounts%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-807547%22%20slang%3D%22en-US%22%3EThe%20owner%20of%20the%20account%20will%20have%20to%20forward%20the%20code%20to%20him%2Fher%20in%20order%20for%20him%2Fher%20ro%20be%20able%20to%20access%20it.%3CBR%20%2F%3EIf%20you%20use%20Conditional%20Access%20he%2Fshe%20can%20be%20able%20to%20logon%20from%20the%20office%20without%20MFA%20if%20it%20is%20set%20up%20that%20way.%3CBR%20%2F%3ERegards%2C%20Magnus%3C%2FLINGO-BODY%3E%3CLINGO-SUB%20id%3D%22lingo-sub-807666%22%20slang%3D%22en-US%22%3ERe%3A%20MFA%20and%20Logging%20Into%20Other%20Accounts%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-807666%22%20slang%3D%22en-US%22%3EHe%20should%20use%20proper%20permission%20setting%20to%20access%20additional%20mailboxes%20via%20owa%20by%20giving%20him%20full%20access%20permission%20to%20the%20mailbox.%20No%20reason%20for%20him%20to%20track%20and%20or%20use%20the%20other%20users%20logins.%20Go%20to%20user%20account%20in%20office%20365%20and%20add%20the%20user.%20There%20is%20built%20in%20UI%20elements%20now%20to%20make%20it%20easy.%20Then%20in%20owa%20click%20the%20menu%20and%20he%20can%20open%20someone%20else%E2%80%99s%20mailbox%20there.%20MFA%20is%20only%20required%20for%20his%20own%20account.%3C%2FLINGO-BODY%3E
Highlighted
Occasional Contributor

I've been pushing to get MFA enabled in our company but have had a question rise from some. One is if MFA is enabled will the owner of the company still be able to log in to other employees email accounts or will this be an issue? This might not sound like the most ethical thing but if he/she owns the company I believe all emails are theirs to read. This is used more when users are on vacation than for snooping purposes.

We are currently using Office 365 Business Premium. Thanks in advance for those with experience in these matters.

2 Replies
Highlighted
The owner of the account will have to forward the code to him/her in order for him/her ro be able to access it.
If you use Conditional Access he/she can be able to logon from the office without MFA if it is set up that way.
Regards, Magnus
Highlighted
He should use proper permission setting to access additional mailboxes via owa by giving him full access permission to the mailbox. No reason for him to track and or use the other users logins. Go to user account in office 365 and add the user. There is built in UI elements now to make it easy. Then in owa click the menu and he can open someone else’s mailbox there. MFA is only required for his own account.