Go to the App Store and search for “Microsoft Authenticator”, then tap “Download”. Once installed, open the Microsoft Authenticator app on your mobile device.
Sign in securely without a password
Are you tired of trying to remember your password? With this free app, you can sign into your personal Microsoft account without one. For security, you’ll use a fingerprint, face recognition, or a PIN. And don’t worry—if anything happens to your mobile device or if you forget your PIN, your password will still get you into your account.
The Microsoft Authenticator app is available for Android and iOS.
You can use the app with a mobile phone or a tablet.
How to Set Up Microsoft Authenticator
Download the App:
Open the App:
- Once installed, open the Microsoft Authenticator app on your mobile device.
Add Your Microsoft Account:
Set Up Two-Factor Authentication (2FA):
- On your computer, go to the Microsoft account security page: https://account.microsoft.com/security.
- Under “Two-step verification”, select “Set up two-step verification” and follow the prompts.
- Choose Microsoft Authenticator as your method for receiving 2FA codes.
- A QR code will appear on the screen.
Scan the QR Code:
- Open the Microsoft Authenticator app on your phone.
- Tap “Add account” and then select “Work or School Account” or “Other” for personal accounts.
- Use the app to scan the QR code displayed on the Microsoft security page.
Complete Setup:
- Once the QR code is scanned, your account will be linked to the Microsoft Authenticator app.
- You’ll receive a test notification to verify the setup. Tap “Approve” on the app to confirm.
How to Use the Microsoft Authenticator App
Sign in to Your Account:
- When signing into your Microsoft account or a service that supports 2FA, enter your username and password as usual.
Approve the Sign-In Request:
- After entering your credentials, you will receive a notification on your Microsoft Authenticator app.
- Tap the notification, and you’ll see a message asking you to Approve or Deny the sign-in attempt.
- Tap Approve to confirm and complete the sign-in process.
Enter a One-Time Code (If Needed):
- If you don’t receive a notification or if you’re prompted to enter a code manually, go to the Microsoft Authenticator app.
- Tap on your account in the app to see the time-based, one-time passcode (TOTP).
- Enter the code into the website or app you’re logging into. The code refreshes every 30 seconds, so make sure you use the most recent one.
Use time-based, one-time passcodes
The Microsoft Authenticator app also supports the industry standard for time-based, one-time passcodes (also known as TOTP or OTP). Because of that, you can add any online account that also supports this standard to the Microsoft Authenticator app. This will help keep your other online accounts secure.
What you’ll need for set up
Two-step verification begins with an email address (we recommend two different email addresses, the one you normally use, and one as a backup just in case), a phone number, or an authenticator app. When you sign in on a new device or from a new location, we’ll send you a security code to enter on the sign-in page. For more info about the authenticator app, see How to use the Microsoft Authenticator app.
Turn two-step verification on or off
- Go to the Security basics page and sign in with your Microsoft account.
- Select More security options.
- Under Two-step verification, choose Set up two-step verification to turn it on, or choose Turn off two-step verification to turn it off.
- Follow the instructions.
Where you can’t use security codes, use app passwords
Some apps (like the mail apps on some phones) or devices (like the Xbox 360) can’t use regular security codes. If you see an “incorrect password” error on an app or device after you turn on two-step verification, but you’re sure your password was correct, that means you’ll need an app password for that app or device.
App passwords are only available if you use two-step verification. If you don’t have two-step verification turned on, you won’t see the App passwords section on the Additional security options page.