Best MFA Method is Microsoft Authenticator
If you’re using Microsoft 365 with default settings and no Multi-factor Authentication (MFA) enabled, the only thing between your data and the entire world of shady internet characters is your password. Even that may not need to be known, if you click on a link that leverages your current session.
Therefore, we see MFA is mandatory for all cloud services, especially your core work account (M365). It improves your security by 99.9% according to Microsoft.
In addition to that, we want to recommend the Microsoft Authenticator app as the best primary method, for these reasons:
It’s the most convenient When set up as a notification, you can just tap approve to verify. Nothing to type in each time.
It’s the most secure SMS/Texts are convenient, but can be monitored. Here’s just one example.
If you are concerned about sharing confidential information with your workplace, the Microsoft Authenticator app does not do any discovery or sharing of information that goes to your employer. The app is structured specifically to be a “personal” app. This is clear in the way that it is designed to back up the information. It requires you to use a personal Microsoft account or iCloud account if you want to back up the information (which we recommend you do in case your phone fails or is lost). Here are a number of helpful pages related to the Microsoft Authenticator app:
Add your work or school account to the Microsoft Authenticator app
Back up and recover account credentials in the Authenticator app (microsoft.com)
Want to modernize and secure your technology? It's what we do: contact us.