How to Enable Multi-Factor Authentication for Dynamics 365 for Operations
The new Dynamics 365 for Operations or for those who still refer to it as Dynamics AX7 like I do, supports Multi-Factor Authentication (MFA) or Two-factor authentication (2FA) which is a form of multi-factor authentication. Multi-factor authentication is an increasingly common and more secure method of protecting access to sensitive information or services by requiring an additional method of verifying your identity. The additional verification method occurs through different mediums such a text message, email, phone call or smartphone application. At its core, multi-factor authentication is just the additional requirement for you, to verify you are who you say you are in addition to your username and password.
Multi-Factor Authentication in your daily life
Here is an example of MFA you might encounter every day. When I log into my bank's website, I have to enter my username and password. However, before I gain access to my information, I also have to provide a PIN number that the site sends to me via text message. If I enter the PIN in the allotted time, I have verified to the bank's satisfaction I am who I say I am. If I don’t, I will not be allowed access to the online banking portal. It’s simply a more secure means of preventing access to sensitive pieces of data by the bad guys. We consistently read about username and passwords being hacked, however with MFA, this additional authentication requirement is less likely to be comprised at the same time. Your username and password might get comprised, but it’s less likely that in addition to those pieces of information being stolen that your cell phone would be taken as well hence potentially thwarting any attempt to access your online information (if you have MFA setup of course).
So, who uses multi-factor authentication?
A vast majority of online services offer MFA. Banks, Twitter, Facebook, Credit Card Companies, Google, Microsoft, these are all examples of companies that offer services that can use multi-factor authentication. It requires a little effort to initially setup (trivial) and of course the requirement that you have access to the additional authentication method you selected once enabled (which can sometimes be a pain point). Overall it’s a quick and effective way to increase security to online services as I’ll demonstrate for Dynamics 365 for Operations (AX7) shortly. Some services even offer multiple authentication methods should the first secondary method not be available. So in the event your kids have just dropped your phone in the toilet, you can have an email sent instead of a text message.
Getting started with multi-factor authentication for Dynamics 365 for Operations (AX7)
To enable multi-factor authentication for Dynamics 365 for Operations (AX7) you will need to be a tenant administrator in the Office Portal – https://portal.office.com. So let’s get started enabling and configuring multi-factor (two factor) authentication for Dynamics 365 for Operations (AX7).
- Login into https://portal.office.com with a tenant administrator account
Click on Users | Active Users
- Select the user for which you’d like to enable Multi-factor authentication, then click Manage multi-factor authentication.
- You will have the option to bulk update this setting for multiple users so fret not. For this demonstration, I’m selecting a single user (myself) and then clicking on Enable under the heading Quick steps to turn on MFA.
- Then click enable multi-factor auth
You’ve now enabled MFA. The next time I go to sign into Dynamics 365 for Operations (AX7) I will need to provide additional verification information about myself. Additionally, there is the option to enforce MFA which comes with a warning as shown below if you select Enforce.
Here is what happens when you Enforce multi-factor authentication by clicking on Enforce. You will also see the Multi-Factor Auth Status change from Enabled to Enforced.
And as the end user, here is what I will see when I go to sign into Dynamics 365 for Operations (AX7) once it’s been configured on my account. First I verify my contact method.
- Then when I sign into Dynamics 365 for Operations (AX7) using my user name and password I’ll be prompted to provide an additional method of verification. My phone will get a text message to which I need to have handy to see the access code and then type it in to validate my account properly.