On August 2, 2019, Microsoft implemented a mandatory Multi-Factor Authentication policy for all partners re-selling Office 365/Microsoft 365 licenses to end users. The policy requires all administrator accounts in the CSP tenant to have Multi-Factor Authentication.
Cloud App Security accounts provisioned using the automatic provisioning process are now required to have Multi-Factor Authentication.
To enable Multi-Factor Authentication on new or existing Cloud App Security Service Accounts:
- Log in to the Office 365 Admin Center.
- Select the Users > Active Users tab.
- Select “Cloud App Security Service Account for SharePoint” from the Active Users list.
- Click Manage Contact Information to update the service account with a mobile phone number for authentication purposes.
- Reset the password using the "Let Me Create the Password" option.
- Click Manage Multi-Factor Authentication for the User account.
This will redirect to the multi-factor authentication page.
- Select the User account and click enable multi-factor auth.
- Log in to My Account using the service account name and the new password created in Step 5, and complete the multi-factor login using the code sent to the mobile phone number added in Step 4.
- Once the login has been verified in My Account, navigate to Security & Privacy > Additional security verification > Create and manage App Passwords.
- Click Create and name the new password "Cloud App Security".
The name of the app password and the password will be shown on screen.
- Copy the password by clicking copy password to clipboard.
- Log in to Cloud App Security and navigate to Administration > Service Account.
- On the SharePoint service account, select "Change Password" then paste the new app password and save it.