IMPORTANT: Transition to Secure Two-Factor Authentication for Microsoft 365

To ensure the highest level of security for your Microsoft 365 (M365) accounts and to protect our organisation from potential cyber threats, we have made an important update to our login process.

From today, SMS and email-based two-factor authentication (2FA) will no longer be supported for accessing Microsoft 365. Instead, we are transitioning to modern, more secure methods of two-factor authentication, such as authenticator apps or hardware security keys.

This change is designed to enhance your account security by replacing older, less secure methods with options that provide stronger protection against phishing, interception, and other attacks.

What’s Changed?

The following changes have taken effect:

SMS-based 2FA (text message codes) and email-based 2FA (verification codes sent to your email) have been deprecated and are no longer supported.
You will need to use a modern authentication method to access your account.

The supported modern authentication methods include:

Microsoft Authenticator App (Preferred)
- A free mobile app that generates secure verification codes or allows you to approve sign-ins with a simple tap.
Other Authenticator Apps (e.g., Google Authenticator, Authy)
- These apps provide time-based one-time passcodes (TOTP) for secure sign-ins.
Hardware Security Keys (Optional)
- Physical devices like YubiKeys or FIDO2-compatible keys for secure, hardware-based authentication.

What Do You Need to Do?

If not done so already, please set up a modern 2FA method for your Microsoft 365 account by following these steps:

Install the Microsoft Authenticator App (or an alternative):
- Download the app from the Apple App Store or Google Play Store on your mobile device.
Register for Multi-Factor Authentication (MFA):
- Visit this link to set up your new 2FA method: https://mysignins.microsoft.com/security-info
- Follow the on-screen instructions to pair the app or hardware key with your Microsoft 365 account.
Test Your Setup:
- Once configured, test signing into Microsoft 365 to ensure the new 2FA method works properly.

Why Have We Deprecated SMS and Email-Based 2FA?

While SMS and email-based 2FA have been widely used, they are increasingly vulnerable to cyberattacks such as SIM swapping, phishing, and email account compromise. Modern authentication methods, such as authenticator apps and hardware security keys, provide:

Stronger Security: They are much harder for attackers to intercept or compromise.
Faster and Easier Authentication: Approve logins with a single tap or by entering a code from your app or device.
Compliance with Industry Standards: Many security frameworks and best practices now recommend moving away from SMS- and email-based authentication.

Need Help?

We understand that transitioning to a new authentication method may require some adjustment. If you have questions or run into any issues during the setup process, please reach out to the IT Assist at https://servicedesk.optos.com

Next Steps

To avoid any disruptions to your account access, please set up your modern two-factor authentication method as soon as possible. Your cooperation is essential in helping us maintain a secure and protected work environment.

Thank you for your attention to this important update.