Enable or disable One-Time Passcode

  • Article

 

Applies to: Exchange Online Protection, Office 365

One-Time Passcode (OTP) is enabled by default, but you can disable OTP for your organization by using remote Windows PowerShell for Exchange Online. If OTP is disabled, the recipient of a message encrypted with Office 365 Message Encryption must sign in with a Microsoft account or a work or school account associated with Office 365 to view the message. The recipient won’t have the option to view the message by using a one-time passcode.

What do you need to know before you begin?

Disable or enable One-Time Passcode (OTP) by using remote Windows PowerShell

In your remote Windows PowerShell session, you can disable OTP by using the Set-OMEConfiguration cmdlet. You can also enable it again by using Windows PowerShell.

Disable One-Time Passcode

To disable One-Time Passcode, run the following command.

Set-OMEConfiguration -OTPEnabled $False

To see if this worked, have another email user in your organization send you a message encrypted with Office 365 Message Encryption as a test. If the option to get a one-time passcode is not available when you open the attachment (message.html), you successfully disabled OTP.

Enable One-Time Passcode

To enable One-Time Passcode, run the following command.

Set-OMEConfiguration -OTPEnabled $True

To see if this worked, have another email user in your organization send you a message encrypted with Office 365 Message Encryption as a test. If the option to get a one-time passcode is available when you open the attachment (message.html), you successfully enabled OTP.

See Also

Use a one-time passcode to view an encrypted message
Encryption in Office 365

Sign in to view your Office 365 encrypted message