How to set up Microsoft Authenticator, the easy way

Setting up Microsoft Authenticator can feel confusing at first, but it does not have to be. This guide walks you through downloading the app, scanning the QR code, and linking your work Microsoft 365 account step by step in plain language. By the end, two-factor authentication will be active on your account and your login will be significantly more secure against the credential attacks that compromise most small business email accounts.

How to set up Microsoft Authenticator

Open your phone's camera and scan the QR code for your device type to download the Microsoft Authenticator app from your app store. Once installed, put your phone down and continue on your computer.

Step 1. Open a private browser window on your computer. In Microsoft Edge, press Ctrl+Shift+N to open an InPrivate window. In Google Chrome, press Ctrl+Shift+N for Incognito, or select Guest Mode from the profile menu in the top-right corner. Using a private window prevents an existing signed-in Microsoft session from interfering with the MFA setup screens.

Step 2. Type https://outlook.office.com in the address bar and press Enter.

Step 3. When the Microsoft sign-in prompt appears, enter your work email address and click Next.

Step 4. Enter your password and click Next.

Step 5. Microsoft will display a More information required screen, followed by three informational screens explaining what the Authenticator app does and how it protects your account. Click Next on each screen. These screens do not require any action — just read and advance until you reach the QR code screen.

Step 6. Pick up your phone and open the Microsoft Authenticator app.

Step 7. Tap the plus sign in the upper-right corner of the app.

Step 8. Select Work or school account.

Step 9. Select Scan QR code.

Step 10. Hold your phone camera over the QR code displayed on your computer screen. The scan window closes automatically once the code is read.

Step 11. Once the scan window closes on your phone, click Next on your computer.

Step 12. Approve the authentication prompt on your Authenticator app by entering the two-digit number shown on your computer screen.

Step 13. Click Next on the following prompt.

Step 14. Enter your phone number for the second verification step and click Next.

Step 15. Enter the six-digit code received by text message and click Next.

Step 16. Click Next, then click Done. Setup is complete.

The first time you add your email to the Outlook desktop app, you will be prompted to approve a sign-in through the Authenticator app. Use the same two-digit number method to approve it.

Why two-factor authentication matters for your business

Passwords alone are no longer sufficient to protect business accounts. Credential theft is the leading cause of small business email compromises — attackers buy stolen passwords from data breaches, run automated guessing attacks, and use phishing emails to capture login details directly. Once inside a Microsoft 365 account, an attacker can read email, impersonate employees, access shared files, and send fraudulent invoices or wire transfer requests to clients and vendors. Multi-factor authentication stops these attacks cold even when a password has been stolen or guessed, because the attacker cannot approve the push notification without the physical phone. Microsoft's own data shows MFA blocks more than 99 percent of automated account compromise attempts. For businesses in Lawton, Duncan, Altus, and across Southwest Oklahoma, enabling MFA on every employee's Microsoft 365 account is the single highest-impact security step available at no additional cost.

Frequently asked questions

What is Microsoft Authenticator and why does my employer require it?

Microsoft Authenticator is a free app that provides a second layer of security when signing into your work Microsoft 365 account. After entering your password, the app sends a push notification or generates a code that confirms it is actually you logging in. Employers require it because stolen or guessed passwords are the most common cause of business account takeovers, and multi-factor authentication blocks the vast majority of those attacks.

How long does it take to set up Microsoft Authenticator?

The full setup process takes under ten minutes for most users. Downloading the app, signing in through a private browser window, scanning the QR code, and approving the test notification typically takes five to eight minutes from start to finish.

What do I do if I get a new phone and need to set up Authenticator again?

Install the Microsoft Authenticator app on your new phone and sign in with your personal Microsoft account to restore a cloud backup of your accounts if you had backup enabled. If backup was not enabled, you will need to re-add each work account by going through the setup process again from your computer, or by contacting your IT administrator to reset your MFA enrollment.

What if I lose my phone and cannot approve Authenticator prompts?

Contact your IT administrator or Microsoft 365 admin immediately. They can reset your MFA method so you can regain access using an alternate verification method. This is why adding a backup phone number during setup is important — it gives you a text message fallback if the app is unavailable.

Can I use Microsoft Authenticator for accounts other than Microsoft 365?

Yes. Microsoft Authenticator supports any account that uses time-based one-time passwords, which is the standard used by most websites and services that offer two-factor authentication. You can add personal accounts, banking apps, and other business tools to the same app using the Other account option when adding a new account.

Why should I use a private browser window to set up Authenticator?

A private or incognito browser window starts without any saved cookies or cached sessions. This prevents an existing signed-in Microsoft session from skipping the MFA enrollment screens, which can cause the setup to stall or appear to complete without actually activating two-factor authentication on the account.