Skip to content
HowTo.Technology

M365 MFA with Microsoft Authenticator OTP

Microsoft Authenticator generates time-based one-time passwords (TOTP) for your M365 account. Every 30 seconds, the app shows a new 6-digit code you’ll enter when signing in.

Prerequisites

Section titled “Prerequisites”

Setting Up Microsoft Authenticator

Section titled “Setting Up Microsoft Authenticator”

  1. On your computer, go to https://aka.ms/mysecurityinfo and sign in with your Microsoft 365 account.

  2. Click + Add sign-in method.

  3. From the dropdown, select Authenticator app and click Add.

  4. Click Next on the “Start by getting the app” screen (you already have it).

  5. On the “Set up your account” screen, click Next.

  6. Microsoft will display a QR code. Don’t scan it yet — first open the Authenticator app on your phone.

  7. In Microsoft Authenticator on your phone:

    • Tap the + button (or menu icon → Add account)
    • Select Work or school account
    • Tap Scan QR code

  8. Point your phone camera at the QR code on your computer screen. The app will automatically recognize it.

  9. Your account will be added to Authenticator. You’ll see your organization name and email, with a 6-digit code that refreshes every 30 seconds.

  10. Back on your computer, click Next.

  11. Microsoft will ask you to enter the current code from the app to verify setup. Type the 6-digit code shown in Authenticator and click Next.

  12. You’ll see a success message. Click Done.

Using Microsoft Authenticator OTP

Section titled “Using Microsoft Authenticator OTP”

When signing into M365:

  1. Enter your email and password as normal.

  2. When prompted for verification, select Use a verification code (or it may go directly to the code entry screen).

  3. Open Microsoft Authenticator on your phone.

  4. Find your M365 account and note the 6-digit code displayed.

  5. Type the code into the verification field on your computer.

  6. Click Verify to complete sign-in.

Enabling Push Notifications (Optional)

Section titled “Enabling Push Notifications (Optional)”

Microsoft Authenticator also supports push notifications like Outlook. If you prefer tapping “Approve” instead of typing codes:

  1. Go to https://aka.ms/mysecurityinfo

  2. Find Microsoft Authenticator in your sign-in methods list.

  3. Click Change or look for notification settings.

  4. Enable push notifications for passwordless sign-in or approval requests.

With push enabled, you get the best of both worlds — quick approvals when available, with OTP codes as backup.

Troubleshooting

Section titled “Troubleshooting”

Code not working?

  • Ensure you’re entering the code for the correct account (check the email address in Authenticator)
  • Verify your phone’s time is set automatically — TOTP codes depend on accurate time
  • Wait for a fresh code if the current one is about to expire

Account not showing in Authenticator?

  • Try removing and re-adding the account
  • Ensure you selected “Work or school account” during setup

Lost access to your phone?

  • Contact your IT administrator to reset your MFA
  • If you set up backup methods (phone number, alternate email), use those at https://aka.ms/mysecurityinfo