 Hi, I'm Sean Jacobs one of the systems architects here at protected trust and in this video I wanted to go over how you can restrict some of the verification options that are available to users for performing multi-factor authentication in office 365 You may remember If you're if you're using multi-factor authentication, you may remember when you first Set it up. You were provided with a few different options. So you were provided with an option to Perform a text code to my authentication phone or to notify me through the app or to use verification code from app or token when I would recommend doing and especially For security reasons is to actually remove the option to get a text code to my authentication phone the reason that we recommend doing that is to help prevent against certain types of attacks called sim swap attacks where a malicious actor will spoof someone's phone number or Maybe for example actually port someone's phone number away from their phone So that they can use that to authenticate to an account and by removing that option it removes that that potential security hole And it's something we recommend doing in general we recommend using the Microsoft authenticator app It's definitely the easiest way to perform multi-factor authentication in office 365 So removing that option to to do it via a text message is in general a good idea in order to do that as an administrator you would want to log in to the admin portal at admin dot Microsoft com And then under users go to active users and then there's an option that you should see here for multi-factor authentication So we're going to select multi-factor authentication, which is going to open in a separate window here for us and Then up here we have an option for service settings. So we want to select service settings And if we scroll down towards the bottom here here are here are the methods available to us for verification options So what we want to do is essentially only use the notification through the mobile app So if we remove text message to phone Then the only method that would be available essentially at this point would be through the mobile app if you're using hardware tokens or if you want to also allow your users to Authenticate to their 365 account by typing in that six-digit code that appears on the mobile app Then we can leave that enabled, but we definitely want to remove the option for text message to phone And that's pretty much it after after making those changes and saving it Then when users log into the option for When they're initially setting up their security verification They will no longer get that option to to provide a text code to my authentication phone and that just Improves your security a little bit more And that's it. Have a good day