Jul 19 2016 12:08 PM
Jul 19 2016 12:08 PM
Is there a special settings for MFA to work with Outlook 2016 on the desktop and Skype 2016? After enabling MFA for my ID, the WINDOWS SECURITY dialogue (wanting my O365 credentials) does not accept my password. My credentials work other places so know it is not a credentials issue.
Jul 19 2016 01:45 PM - edited Jul 19 2016 07:39 PMSolution
Jul 28 2016 10:00 AM
Jul 28 2016 10:27 AM
...Conditional access? Can you breifly describe? Are you referring to Microsoft's Powershell solution, enabling Exchange online and Skype for MFA. I haven't done this yet but was going to test. I'm told this will take care of it (so I don't need to do the App Password) but need to test.
Details in the GETTING STARTING WITH MODERN AUTHENTICATION section.
Jul 28 2016 10:38 AM
Jul 28 2016 10:49 AM
Aug 04 2016 08:26 AM - edited Aug 04 2016 08:29 AM
Quick Follow up ... Microsoft has a setting solution, to enable MFA for Exchange Online and Skype 2016, rather than using APP PASSWORD. Powershell is needed to make this change. But MFA does not yet work when connecting to Exchange Online with Powershell. MFA does work for connecting to Azure AD with Powershell.
So MFA needs to mature to the point where one can connect with Powershell. Hmmm. I want MFA turned on for admins. Then my admins will not be able to use Powershell to do their admin work. Hope to be proven wrong soon, on using MFA and Powershell for connecting to Exchange Online.
Aug 04 2016 09:28 AM
Oct 22 2018 06:21 PM
I know app password isn't the only way.
My iphone 10 mail client allows me to sign in with my password and then I get a text with an MFA code and enter that in when adding my company account. My last company, used MFA with outlook 2016 without using app passwords. It worked after enabling modern auth in exchange.
I assume that because my iphone mail client doesn't require an app password that modern auth is already enabled. So why is my outlook client that I just downloaded from O365 today requiring app passwords. There has to be a setting.
Also, is there a way to use the microsoft authenticator instead of text. Texts don't always come through in a timely maner.
Oct 22 2018 06:43 PM
Your setup requires passwords. An app-password is a valid password. It never expires, thus not ideal. When you are asked for the password, you either give it the never-expiring app-password, or your normal one. In your case, when you give it the normal one, MFA kicks in. (An App-Password replaces MFA and was a work-around for apps that did not work with MFA). I suspect your old iPhone Mail app knows your App-Password, thus never asking for it.
You can setup more verification methods (authenticator, etc). Go to … https://MyApps.Microsoft.com, click on your photo, go to profile, go to Additional Security Verification.
Dec 02 2018 07:39 AM
In order to use MFA with Skype For Business, We need to enable modern authentication for Skype for Business Online.
This article explains how to enable your Skype for Business Online tenant to support modern authenti...
Steps to enable modern authentication for Skype for Business Online
Connect to Skype for Business Online using remote PowerShell:
Check the current status of ClientAdalAuthOverride attribute.
Get-CsOAuthConfiguration | FL *ClientAdalAuthOverride*
Now run the following command to enable modern authentication for Skype for Business Online.
Set-CsOAuthConfiguration -ClientAdalAuthOverride Allowed
Verify that the change was successful by running the following:
Post making the PowerShell changes it may take 15 minutes to couple of hours for the changes to take affect.
Skype for Business Online: Enable your tenant for modern authentication
Skype for Business topologies supported with Modern Authentication
Enable or disable modern authentication in Exchange Online
Modern authentication behavior across Office 2013 and Office 2016