DUO MFA for UM Microsoft 365 Accounts

What is Duo MFA?

Duo Multi-Factor Authentication (MFA) adds an extra verification step when signing in to your University of Montana Microsoft 365 account. This helps protect your account from phishing and password-related attacks.   Some information technology services at UM already require Duo MFA.

Who Uses Duo MFA?

The Information Security Office (ISO) manages Duo MFA for Microsoft 365 accounts and applies it in two ways:

MFA is required for:

• Certain job roles

• Accounts with elevated access

• Higher-risk or regulated use cases

Users who are required to use MFA will be notified directly.

MFA is also available as an opt-in option for:

• Individual employees

• Departments who want to protect some or all of their staff

Opting In to Duo MFA for Microsoft 365

Departments and individuals may request Duo MFA for Microsoft 365 even if it is not currently required for their role.

Common reasons to opt in include:

• Handling sensitive or regulated data

• Reducing phishing risk

• Preparing for future security requirements

What to Expect After Enrollment

Once enrolled, Duo MFA will:

• Prompt for verification when signing in to Microsoft 365

• Use a mobile app, phone call, or passcode

• Remember trusted devices for a limited time

After initial setup, most sign-ins take only a few extra seconds.

How does it work?

The Information Security office manually enrolls Microsoft accounts into a group that mandates MFA. After enrollment, the accounts will prompt for a Duo Universal Prompt during login to any Microsoft 365 service. 

• For more details regarding Duo Universal Prompt, please see the Duo Universal Prompt | New look for MFA Solutions Center article.

1. Type in UM account username and password.

2. Approve DUO MFA authentication request.