Office 365 MFA Hardware Token

With over 31 million users worldwide Microsoft Office 365 is unsurprisingly a bestseller among the productivity software subscription suits on the market. Its compatibility with the major operating systems (both mobile and desktop), the choice of available apps and the familiarity of the brand make Office 365 an obvious choice for a lot of businesses worldwide, from small companies to huge enterprises.

These very reasons and the popularity among businesses make it rather a big target for all kinds of greedy criminals. Being an online platform, with tons of sensitive corporate data stored in the cloud, Office 365 is a low hanging fruit for those hackers. Microsoft understands the vulnerability and supports Multi-Factor Authentication (MFA).

The only bulletproof way of fully protecting your info on a cloud server is Office 365 2 factor authentication with a hardware token. In this article, we will give you the detailed instructions on setting up protection with hardware multi-factor authentication token for Office 365 without a premium license. We are also going to address the questions one might have on our own Protectimus Slim NFC token.

Office 365 MFA hardware token – Protectimus Slim NFC

Azure AD offers a few standard ways to sign in using 2-factor authentication. You are offered a mobile app to generate random passwords, the system can send you a text with an OTP, or you can choose a phone-call to authorize the sign in. And finally, the most bulletproof way – you can have OTP generated by Microsoft Office 365 MFA hardware token. Now, Microsoft itself does not provide a hardware device, but third-party tools are supported.

| Read also: Hardware Tokens for Azure MFA

A programmable hardware token is essentially a more protected and trustworthy substitution for a mobile app. Protectimus Slim NFC token is one of the most popular security tokens that work with Office 365. The tool has no Internet connection, so there is absolutely no way your passwords could be intercepted. Protectimus Slim is reprogrammable, this means one device can be reassigned to a different resource over and over again. The programming goes via NFC (Near-field communication) which provides even greater defence. The design and dimensions of this Microsoft Office 365 MFA hardware token are also a factor in its popularity.

To protect your data with our OATH hardware token for Office 365 MFA you need to own an Office 365 subscription with 2-factor authentication on and an NFC Android phone. A premium Azure license is not required.

| Read also: The Pros and Cons of Different Two-Factor Authentication Types and Methods

How to add hardware token to Office 365 MFA

Setting up hardware 2-factor authentication token Office 365 is easy and straightforward enough, the steps below summarise the process very precisely.

1. Download Protectimus TOTP Burner application on an NFC-enabled Android phone.

2. Browse to this registration page and sign in with your Microsoft corporate login.

3. Click “Use Verification code from app” in the drop-down menu, then check the “Authenticator app” box, press “Configure”.

Office 365 2 factor authentication with hardware token Protectimus Slim NFC - how to add hardware token to Office 365 MFA

4. The pop-up window you have on your screen now has a QR code meant for installing the default Microsoft authentication app, that application is able to send notifications to your phone. Since our hardware token cannot do that, you need to check the “Configure app without notifications” suggestion instead. You should get a new QR code after this.

Office 365 two factor authentication with hardware token Protectimus Slim NFC - how to add Protectimus hardware token to Office 365 MFA

5. Launch the Protectimus TOTP Burner app and click “Burn the seed” button.

6. Now you need to scan the code from step number 4, simply tap on “Burn the seed” in the app.

7. Once the QR is successfully scanned, it’s time to turn on your token. Hold the tool within the range of your phone’s NFC antenna and click “Continue” to proceed.

8. Once the secret key is successfully burned on your hardware token for Office 365 all there’s left to do is verify the device and complete the registration. Go back to the setup page on your desktop, click “Next” and then “Verify now” buttons. Enter the OTP code your Office 365 multi-factor authentication token has generated and click “Verify”. That’s it, now you can enter your Office account the most protected way possible.

Office 365 multi factor authentication hardware token Protectimus Slim NFC - how to add hardware 2fa token to Office 365 MFA

Common questions

1. Why office 365 two factor authentication token is better than other types of MFA (app, SMS or phone call)?

Protectimus Slim NFC is truly an impenetrable protection for your data. The mechanism is contactless, the one-time keys are generated by the device itself, there’s no need for a network connection of any kind and the built-in battery allows for years and years of work. These things make it in essence impossible to overtake the passwords, implant the token with any kind of malware code and, as a result, compromise your security, or steal the sensitive information you keep in your Office 365 apps. Besides, if you happen to lose the hardware token you are far more likely to notice its absence before any harm is done, as opposed to an infected app, which can do all kinds of damage without you noticing it before it’s too late.

2. Can I order a token with my company logo?

Absolutely. You can have a branded token even if you order only one device.

3. Does Protectimus Slim NFC support multiple secret keys (seeds)?

Protectimus Slim NFC supports only one secret key (seed), so if you have multiple accounts for which you need MFA you will need different tokens. But Protectimus Slim NFC is a programmable token, thus if you stop using an account you can reprogram the token to be used with another account that needs extra protection.

Read more:

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from our team.

You have Successfully Subscribed!

Author: Anna

If you have any questions about two-factor authentication and Protectimus products, ask Anna, and you will get an expert answer. She knows everything about one-time passwords, OTP tokens, 2FA applications, OATH algorithms, how two-factor authentication works, and what it protects against. Anna will explain the difference between TOTP, HOTP, and OCRA, help you choose a token for Azure MFA, and tell you how to set up two-factor authentication for Windows or Active Directory. Over the years with Protectimus, Anna has become an expert in cybersecurity and knows all about the Protectimus 2FA solution, so she will advise on any issue. Please, ask your questions in the comments.

Share This Post On


  1. Hey there! Do you use Twitter? I’d like to follow you if that would be okay. I’m definitely enjoying your blog and look forward to new updates.

    Post a Reply
  2. I simply want to tell you that I am beginner to weblog and truly liked your page. Likely I’m going to bookmark your blog post . You really have good posts. Thank you for revealing your website page.

    Post a Reply
  3. Hi, I have just purchased the protectimus two and want to use them for MFA for Office365, is this possible and how do I go about it?

    Post a Reply
    • Hi Warren, you need a programmable hardware token to connect it to Office 365. We offer two models of programmable tokens – Protectimus Flex and Protectimus Slim NFC, these tokens will work for Office 365 as you can connect them as if it is a 2FA app. Protectimus Two tokens are not programmable: they are produced with pre-installed secret keys that can’t be changed.

      Post a Reply

Submit a Comment

Your email address will not be published.

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Join our mailing list to receive the latest news and updates from Protectimus blog.

You have successfully subscribed!

Share This