ITS Online»Email, Calendar & MS Office»Office 365 Lawkey Two Step Verification

Office 365 (Lawkey) Multi-Factor Authentication (MFA)

By setting up Multi-Factor authentication, you add an extra layer of security to your Office 365 (aka LawKey) account. With MFA, after logging in with your Office365 email and password — you’ll be prompted to verify your identity—the second step—using a device in your possession, such as a mobile phone.

The Microsoft Authenticator app is the easiest verification method to use. Once the app is installed on your mobile phone, it’s just one click instead of typing in a 6-digit code. And if you travel, you won’t incur roaming fees when you use it. Instructions for setting up and using the Microsoft Authenticator app.

General instructions on using two-step in Office 365: Setting up two-step verification.

We strongly recommend setting up more than one verification method (with the Authenticator app as your default method).

For assistance setting up MFA, please contact the ITS Help Desk (, 215-898-9140)


Locked out of your account due to MFA problems?

Please review the instructions below first. If you are still unable to access your account, please submit an MFA reset request at (NOTE: this form requires that you login with your PennKey to verify your identity.)


“What happens if I get a new phone?”

If you are using the Microsoft Authenticator app for MFA, you will need to re-configure the app any time you get a new phone or mobile device.

You can do this by going to your Office 365 My Sign-ins: Security Info page 

Note: Please try accessing the My Sign-Ins page from your laptop first. If you are not able to access, you may need to use the option “Sign in Another Way” on the MFA screen.  You can select the option to receive a code via text since you do not have your Authenticator app set up yet. If these methods don’t work, please request an MFA reset

Microsoft MFA Sign in Another Way Screenshot


Once you reach the “My Sign-Ins - Security Info” page:

  1. Delete the existing entry for “Microsoft Authenticator”

  2. Choose “+ Add Method” at the top of the page. Choose “Authenticator App” (if it’s not already selected) from the drop-down menu to begin the steps below.
    add method

  3. Start by getting the app. (if it’s not already installed on the new phone)
    get the app
  4. Set up your account.
    set up

  5. Using the Microsoft Authenticator App on your phone, scan the QR code that is provided on the device used to access the MFA/SSPR settings page.
    qr code
  6. A test notification will be sent to your phone. Approve the notification and then click “Next”.
  7. Once you’ve completed the above steps, click “Done” and confirm that your Default sign-in method is “Microsoft Authenticator - notification” at the following screen (click “Change” if this is not done so automatically).


 For any additional questions or concerns with setting up two-step, please contact the ITS Help Desk (, 215-898-9140)



Latest Tips

Zoom Logo

Remote Learning Guidance for Students

Please review our remote learning guidance and answers to common questions.


Remote Resources for Faculty & Staff

ITS support & resources for faculty & staff.