Protecting Microsoft 365 accounts using DUO Multi-Factor Authentication
UM IT selects University of Montana Microsoft 365 accounts to be protected using DUO MFA. The accounts enrolled in DUO MFA for Microsoft 365 are determined on a case-by-case basis with the risk level acting as a deciding factor. For enrolled accounts, DUO MFA will protect logins across the UM Microsoft 365 environment such as Outlook, SharePoint, Teams, etc. Please reach out to infosec@mso.umt.edu if you would like to enroll your Microsoft 365 account into DUO MFA.
Benefits of using DUO MFA on your Microsoft 365 account:
-
Enhanced Security: DUO MFA adds an extra layer of security beyond just a password, significantly reducing the risk of unauthorized access. Even if someone obtains or guesses a user's password, they would still need the additional factor (e.g., a mobile device or hardware token) to gain access.
-
Mitigation of Credential Theft: With traditional passwords alone, accounts are vulnerable to credential theft through methods like phishing or brute force attacks. MFA makes it much harder for attackers to compromise accounts, as they would need more than just the password to gain entry.
-
User Awareness and Control: MFA implementations typically involve user interaction, such as receiving push notifications on mobile devices or entering codes from authentication apps. This process raises awareness among users about their account security and gives them greater control over access to their accounts.
-
Reduced Risk of Unauthorized Access: By requiring multiple factors for authentication, MFA significantly reduces the likelihood of unauthorized access to Microsoft 365 accounts. This is especially crucial for organizations that handle sensitive information or operate in high-risk environments.
How does it work?
The Information Security office manually enrolls Microsoft accounts into a group that mandates MFA. After enrollment, the accounts will prompt for a DUO Universal Prompt during login to any Microsoft 365 service.
1. Type in UM account username and password.
2. Approve DUO MFA authentication request.