Applies to users of Microsoft 365 and Office 365 that have turned on MFA (Multi-factor Authentication).
ATTENTION! Since this article was written, Microsoft has changed the standard of how this is done. Nowadays, number matching applies as standard. This means that a unique number appears on the device you use for a Microsoft 365 program, you must enter that number yourself in Microsoft Authenticator and then click "YES - it's me". Assuming it's you ;-) Keep in mind that there are criminals who can pretend to be you, and if you haven't initiated/started an M365 program, don't enter Yes, enter No in such a case.
End-user experience using MFA
You will be promted for a confirmation that you are you. That may happen several times on the same device, depending on what device you use, and if your device (read Windows 10) are a AD (Active Directory) joined device or not and/or if you are using many apps connected to Office 365.
When prompted, it will look like this:
Your action:
Do as told, open the Microsoft Authenticator app on your mobile device and confirm the login request, sample:
You may have to repeat the approval several times, because each app may have its own channel from your device to the server end, and each channel may need an approval. For example: Web browser, Word, Outlook, OneNote etc.
Configure MFA
The Microsoft Authenticator can be used in several ways, and to Microsoft services as well as to other providers, for example PayPal. For each provider you can have different configuration:
Accept / deny request
Unique 6-digit code, valid for 30 seconds
Read the how-to-setup MFA here: https://www.vanjos.se/post/set-up-mfa-for-microsoft-office-365