Password Boss can generate the 2FA codes to log into Microsoft Global Admin accounts protected with MFA.

Using Password Boss to generate the 2FA codes allows you to:

• Enable 2FA on all Global Admin accounts - HIGHLY RECOMMENDED
• Easily share the 2FA codes with your team so any team member can access the 2FA codes from their copy of Password Boss. This replaces workarounds like shared phones, manually sharing codes in Teams, etc.
• Revoke access to 2FA codes at any time.

Adding 2FA to a Microsoft password saved in Password Boss

1. Login to your Microsoft work account/profile at https://myworkaccount.microsoft.com
2. Open your Profile and select Security Info.
   

   Note - You may be able to navigate directly to https://aka.ms/mfasetup.

    
3. Click Add sign-in method.
   
   
   Tip - Click the images to make them larger
    
4. Select Authenticator App from the drop-down menu
   
   Tip - Click the images to make them larger
5. Do not use the QR code or the code shown on this screen. Click I want to use a different authenticator app.
                                                                        Tip - Click the images to make them larger.
6. Continue by pressing Next, either scan the QR code with the Password Boss mobile app or select Can't scan image. Copy the Secret Key shown on the screen and paste the code into the Secret Key field in Password Boss.
   
   Tip - Click the images to make them larger
    
7. Click the Save button in Password Boss next to the secret key to begin generating codes. 

   There are no spaces in the secret Key

   Remove all spaces from the secret key before saving

    
8. Finish the verification process with Microsoft to enable 2FA.
9. Change the default verification method to App-based authentication or hardware token - code.
   
   Tip - Click the images to make them larger
   
   Tip - Click the,  the images to make them larger
10. Password Boss is now configured to generate 2FA codes for this login.