Your organization recently implemented Multifactor Authentication (MFA) for Office 365 and your Outlook desktop application continues to prompt you for your password. It’s not saying the password is wrong, it just keeps requesting it repeatedly with no ability to connect to your server.
The concept behind MFA is to increase security to your accounts. In this age of viruses and phishing attacks, it’s likely that eventually your username and passwords will get compromised. Often when this happens, the villain will log into your site and change your password and verification email, by clicking on the email verification link, so that they lock you out of your own accounts.
MFA ensures on a regular basis that the person entering the password is indeed you. If the user tries to do something important, Changing the password, Forwarding emails etc, a verification is done to make sure it’s really you.
A very popular way to do this is to send a text message to your phone. Although not impossible, it’s very unlikely your text messaging platform is also hacked. In addition, by using an Authentication App (Microsoft Authentication in this case), it avoids you having to type back a code, speeds up the process and creates a nearly 100% guarantee of secure access.
We will outline the necessary steps for each user to successfully set up a Two Step Verification, create a new App Password and configure their Outlook desktop to use their new App Password instead of their usual Office 365 password.
You sign in with your password (Step 1) and a code is sent to your phone (Step 2).
1. Sign into Office 365 account with your password like you normally do via web browser. After you choose Sign In, you’ll see this page:
2. Choose Set It Up Now.
3. Select your authentication method and then follow the prompts on the page.
4. After you verify your alternate contact method, choose Next.
5. You’ll get an app password that you can use with Outlook, Apple Mail, etc. Choose the copy icon to copy the password to your clipboard. You won’t need to memorize this password.
6. Once you complete the instructions to specify how you want to receive your verification code, the next time you sign into Office 365, you’ll be prompted to enter the code that is sent to you by text message, phone call, etc.
7. On your Computer, click the Windows tile; type “Control Panel” to open the Control Panel App.
8. In the Control Panel, find and open Credential Manager.
9. Within the Credential Manger, choose Windows Credentials and begin removing all credentials associated with your work email.
In the example below, we’re removing credentials associated with the email address: email@example.com where xxxx is your email name:
10. After you have removed all associated credentials, restart your computer. Once your computer has been restarted, open a web browser and log into your Office 365 account.
11. Once logged into Office 365, navigate to “My Account” from the upper right corner.
12. On the My Account page, locate and click “Security and Privacy.”
13. Click on Additional Security Verification.
14. In the new Additional Security Verification menu, click Create and Manage App Passwords.
15. Your Web Browser will open “App Passwords” in a new tab or window. Here you will create a new App Password that Outlook will use to connect to your Office 365. Click Create.
16. Now enter “Outlook” to help you remember where you will use this password. Click Next.
17. The new App Password will be displayed; Click Copy Password To Clipboard.
18. Now launch Outlook from your Desktop; you’ll be prompted to enter your password. Place the mouse cursor in the password text box. On your keyboard, use the key combination “Ctrl” and “V” to paste your new App Password into the password text box.
19. Select the check box next to Remember my credentials to save your App Password in Outlook and click OK. In certain situations, you may have to repeat this step 2 or 3 times.
20. You should no longer receive a password prompt and you should see “All folders are up to date. Connected to: Microsoft Exchange” in the bottom left corner of Outlook.*
*This may take several seconds depending on your connection speed and mailbox size.
21. Repeat steps 7-20 to create another App Password if you also use Outlook on a different computer.
Eventually Microsoft is going to update Outlook to use their newer authentication method that will not require all of these extra steps, but for now, this method has proven to work.