Department of Defense Education Activity

Latest Messages & FAQ

Get Answers & Provide Feedback

Frequently Asked Questions (FAQ): Click the label header or the plus sign "+" to see the questions and answers.

What is MFA? - Multi-factor authentication (MFA) requires you to prove you are who you say you are by verifying information in multiple ways. For DoDEA purposes, you will use the following.

  1. Something you know (username and password), PLUS:
  2. Something you have access to such as your office phone, mobile phone or mobile app for Android or iPhone. DoDEA does not use the information entered for verification for other purposes.

M365 MFA Approval

A strong password is required by DoD policy. Your past word must be at least 15 characters long and contain at least 1 of each of the following: UPPERCASE letter, lowercase letter, number and special character (such as $%@#!&). See instructions on how to reset your password.

Will MFA increase my phone bill? – To avoid SMS text or roaming changes, use the Microsoft Authenticator app from the Android or Apple app store. You'll use the code generated by the authenticator app to verify that you are who you say you are. This option does not require internet nor data connection once the app is setup. 

See the setup instructions to start using the Microsoft Authenticator app

How often will I receive a SMS/text? -  If you have set up your authentication to call you or if you are using the Microsoft Authenticator app, you will not receive SMS/text. If you have set up your authentication method to receive a text message, you will receive a single text with a code when verification is needed. 

The authentication system is designed to monitor and look for changes in your login. If the system identifies a fluctuation, such as when you log in from a different location or different device, it will prompt you to verify that it is you logging in. If you consistently work from a single device, you will be prompted for verification much less.  

Can DoDEA now track my personal device? – The phone information used for authentication is only used to secure your login and verify who you are. DoDEA does not use this information for other purposes. 

Am I now required to have a phone? – Microsoft multi-factor authentication (MFA) can be setup using your office phone, mobile phone or a mobile app for Android or iPhone. Using your office phone for authentication may limit mobility. The phone is used in place of the CAC for “something you have access to” in the multi-factor authentication process. We are researching options for those who do not have a phone readily available. If you do not have an available phone or device that can be used for authentication, you may submit an IT service request into the Global Service Desk. 

Does MFA mean I will be able to login into DoDEA applications and services on my phone or tablet with no CAC? Yes. However, not all apps and services will allow non-CAC so you will still need a CAC for some DoDEA and DOD resources or websites.

Why do I have to use the MFA for M365 Teams? - Multi-factor authentication (MFA) is a Department of Defense security requirement; however, you do have a choice of how you would like to complete the MFA. Look at the second factor comparison sheet.

Is there an alternative way to complete the two-step verification process? - If you do not wish to use a personal device, such as your phone, for the two-step verification process you may use your office phone. Please note that office phone must be capable of receiving calls directly from an off-base line. Using your office phone to authenticate may limit the flexibility you have to access resources and apps from other locations. 

What if I have limited cellular signal? - It is recommended that you use the Microsoft Authenticator app. This option does not require internet nor data connection once the app is setup. 

What if I don't have a cell phone for Multi-Factor Authentication, MFA? - You may use an office phone if the office phone accepts direct calls from off-base. However, you may also use the Microsoft Authenticator app for Android or iOS (Apple) device as it does not only work on a cell phone. The mobile Microsoft Authenticator app only requires an internet connection. After setup it does not require an internet connection. 

If neither an office phone nor a mobile Android or iOS device (does not have to be a cell phone) is available the individual should enter a Service Desk ticket.

Where can I find instructions for setting up my account? – Instructions are included in the setup emails - both in the username and password emails. You can also find instructions on the Implementation Roadmap page or go directly to the Quick Setup instructions, which contains a few less screenshots and explanation or the official installation and setup guide.

How long does the initial temporary password last? – The M365 temporary password expires after 90 days. However, users should reset the temporary password as soon as possible to avoid any confusion with the password or pin prompt that may popup from Outlook. Users may be prompted to enter a password for each shared mailbox. If entering the wrong information, it could lock a user out of their computer or CAC. See instructions on resetting the Microsoft password.

How do I change the temporary password? - You should receive a prompt to change your password. However, you can use the instructions for resetting the Microsoft password to change your Microsoft 365 password at any time.

Do I have to be on the DoDEA network to change my temporary password? - When using Ctrl + Alt + Delete to reset your temporary password, you must be connected to DoDEA network or connected through VPN if you are remote. Please visit resetting the Microsoft password for password reset directions.

How do I get the endless loop when logging in with my password that says "Don't ask me again for 14 days" to go away? - This is a possible chrome browser issue. To solve this issue try the following: Clear cookies, clear cache, restart browser and restart your machine/device. 

When will students have access to M365? -It has not yet been determined if/when students will have Microsoft 365 access.

When will we receive training on the other available app's in M365? - Currently there is available training for Teams at Microsoft References and Training page. Once more apps are deployed, there will be additional training opportunities provided. 

Will M365 replace the Google programs currently being accessed and used? - There is no plan to get rid of Google Suite. Please visit to see some of the differences. 

Can PII be store in Microsoft 365 apps such as OneDrive and SharePoint? - Yes, PII can be stored, however, it is very important to note how, with whome and where PII is stored in order to prevent sharing the data with those who should not have it.

Can non-DoDEA staff be added to our team? -  Guest access can be requested but it's not guaranteed. Guests also do not have the same rights as other members within a Team. Anyone can access a meeting so no guest account is needed. See bottom of the Teams roles page for more info. 

Fact Fiction

Fiction: A lot is going to the cloud but not everything. First let's just clear up what cloud means. In simplest terms, it's the Internet. So, having something in the cloud means that you can access your files, contacts, documents using the Internet.

Fiction: Both Google and Microsoft 365 will exist within the DoDEA ecosystem. Microsoft provides a means for all staff to collaborate. Additionally, Microsoft has additional security protections that allow for more flexible sharing and storing of PII data Google is intended for educational purposes only so has additional user restrictions. See page Ready to GO!

Fiction: Once completely implemented, Microsoft 365 will be available for all DoDEA staff.

Contact IT Customer Support Services for additional support (VPN & CAC required).
Contact: Nicole McNealy, IT Communications, for questions about this page
Denotes alink that requires CAC Authentication