Blogs

MFA: a simple roadmap to maximum security.

Alexander van den Bosch

By
Alexander van den Bosch

Date
8 July, 2025

Reading time
4min. reading time

At a time when cyber threats are getting smarter and smarter, a username and password simply aren’t enough anymore to have a safe and secured digital workenvironment. Just one leaked password or inattentive click can lead to data loss, business downtime or even a completely shut down logistics operation.

This is why Multifactor Authentication (MFA) is not a luxurious option today, but a necessary step. Especially if you work with cloud solutions such as Microsoft Dynamics or Boltrics’ WMS solutions, MFA from Microsoft Entra is the most accessible and effective way to protect your digital work environment from unauthorized access.

In this blog you will read what MFA is, why it is so powerful, and how to easily set it up for yourself or for all users in your organization.

What exactly is MFA?

MFA adds an extra layer of security to your login process. Instead of just entering a password, you must also confirm that you are actually the one trying to log in. You do this by adding a code on your phone or a biometric scan (by usingf a fingerprint scan, for example) as an extra step.

Combining multiple forms of authentication makes it many times harder for criminals to gain access to your Microsoft environment, even if they have captured a password.

The three forms of authentication

An MFA setup always consists of at least two different factors. Microsoft distinguishes three types:

  • Something you know – such as a password or PIN.
  • Something you have – such as a smartphone, smart card or hardware token.
  • Something you are – such as fingerprint or facial recognition.

Sidenote: MFA is obviously only secure if the factors are truly different. Two passwords are not MFA. Therefore, after a password, an extension to an answerable query is also weaker compared to other options.

Veelgebruikte vormen van MFA in Microsoft 365

MethodExplanation
PasswordVia Microsoft Authenticator of other apps such as Authy.
SMS or phone callCode sent to registered mobile number
FIDO2 key or smart cardHardware-based security (e.g., YubiKey).
Biometric authenticationFingerprint or facial recognition on device.
Security questionsLess secure; apply only in exceptional cases.


How do you set up MFA within Microsoft Entra?

To activate MFA, you need a Global Administrator account within your Microsoft-ecosystem. Setting up MFA can be done per user or at the group level via Conditional Access (recommended).

Shortcut: via Conditional Access

  1. Go to Microsoft Entra admin center;
  2. Navigate to: Protection > Conditional Access;
  3. Click on + New policy;
  4. Give the policy a recognizable name (e.g., “MFA for employees”);
  5. Under Users: choose “All users” or a specific group;
  6. Under Cloud apps: choose “All cloud apps.”;
  7. Under Access controls > Grant: check “Require multifactor authentication.”;
  8. Set the policy to Enabled: On and click Create.

This method is scalable, manageable and recommended by Microsoft.

Alternative: manually per user

  1. Log in to https://entra.microsoft.com;
  2. Go to Identity > Users;
  3. Above the list, click Multi-Factor Authentication;
  4. Find the desired user and select Enable;
  5. The user will receive MFA instructions at next login.

Successful implementation? Communication is key

Technology is important, but acceptance is crucial; especially when the initiative does not come from employees. Ensure:

  • Clear communication upfront: What is changing, why is it needed?;
  • Short instructions with screenshots or a video;
  • Possibility of support during set-up (e.g. via IT or key users);
  • Have MFA tested first by a small group of employees before you deploy it widely.

Lead by example

Have you engaged MFA? Good. Then you are well on your way to a more secure digital environment. Encourage colleagues to do the same, and show that security does not have to be an obstacle, but actually contributes to trust and peace of mind in the organization. So make MFA part of onboarding, security awareness and your internal communications, like your monthly IT newsletter.

Want to know more?

Would you like to combine MFA with other Microsoft security options such as Conditional Access, Defender or Microsoft Purview? Or would you like a complete security scan of your environment? Visit our Learn environment, Microsoft’s help portal or consult with your own IT administrator.

Similar posts