I’ve enabled two factor authentication (“2FA”) where-ever I have the option, but long disliked the slow login process waiting for a one-time PIN to wind its way from Azure through EOP and to my on-prem Exchange. I have a convoluted collection of accounts & services through Microsoft so I need to use in-Private browsing to successfully sign in – and hence there’s no point clicking “I sign in frequently on this device, don’t ask me for a code”.
I tonight stumbled across the relatively new “Azure Authenticator” app for my iPhone & decided it was for me.
Unfortunately all of the how-to’s on the web referenced the old Azure portal and a setup process that’s no longer relevant.
I eventually found how to enable the Authenticator & re-traced my steps to capture it. I hope this helps you.
- Sign in to the Azure Portal:
- Yes, please send me one of your blasted codes. It will be the last time!
- Enter the code:
- OK, you’re in. Now click on your name in the top right-hand corner and select “Change password” from the popup menu:
- (Note you’re now in a new window back at account.live.com). Ignore the prompt to change your password. Click “Security and Privacy”:
- Now select “More Security Settings”:
- Scroll until you get to “Set up identity verification app”:
- Select your chosen ecosystem and click Next:
- Ignore the reference to downloading Google’s Authenticator here, click the “+” on the App to add an account, snap the QR code, copy the code from app to here, click Next and you’re done:
- Now sign out of Azure, close IE and sign in again to test it:
- And for bonus points, you even get an e-mail to confirm the change: