As per Microsoft announcement few months ago, here is how to configure multi factor authentication.
This is a per user basis.
I already wrote few posts about this feature (http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=524 and http://blog.hametbenoit.info/Lists/Posts/Post.aspx?ID=526) but there was on a preview version; there has been some changes.
NOTE 1 This does not work with federated users
NOTE 2 Multi factor authentication for administrators doesn’t work with client application such as Outlook or Lync
Enable Multi Factor Authentication
New, to enable multi factor, go to the Office 365 administration portal (https://portal.microsoftonline.com) and reach the Users and Groups section on the left.
The click on the Setup button available on top of the user list
Then select one or more user to enable multi factor authentication – you may have to change the default view, set to Global Administrators to view all of your users
Once the user account has been selected, click on the Enable button which appears on the right side
Confirm the activation
Multi factor authentication has been enabled
Starting then you can manage user settings for multi factor authentication by hitting the Manage user settings after selecting the user account
The first time the user will authenticate after setting up multi factor using web browser, he will be asked to setup his additional security settings
He will have to choose how to setup multi factor authentication (Mobile phone, Office Phone [Lync phone can not be used] or Mobile App)
If you choose mobile phone, a text message will be sent to ensure you are the owner of the phone AND to ensure the phone can be reached by the system
Then he will have to choose if he want to enable multi factor for web access only or also for Office application such as Outlook.
Hitting the generate app password button will automatically generates a complex password to use when configuring your Outlook client or mobile device to connect to your Office 365 account
If you choose to use Mobile App to authenticate you, you have to download the Multi-Factor Authentication application for your mobile device (Windows Phone, iOS or Android) from the app store
Once multi factor authentication has been enabled for a user and setup by him, Office 365 will automatically start the authentication process using the multi factor settings (text message, password application…)
If multiple authentication options have been defined, end user can switch the authentication method by hitting Other verification options
Multi Factor Authentication with client applications
If you have enabled multi factor authentication for your client application, end-user will have to enter the password defined by the system if not using the mobile application
If the mobile application is used for authentication, end-user has to start the authentication factor application on his mobile device and then, when prompted, enter the password defined by the mobile application to get authenticated on Outlook or Lync
Update Multi Factor Details
If your user need to update his multi factor authenticatio
n details – such as the phone number, just instruct him to go to his settings from the wheel on the top right side
And then to the password section on the left side