Most of the industry has moved into multi-factor authentication as a means to better secure products and services. Multi-factor authentication provides extra steps to obtain access to services so that accounts can be validated by more than just a single password. Extra steps often include acknowledgement of a phone call, text message or other notification to authenticate the account to the service.
Various Microsoft services already provide multi-factor authentication, but today Microsoft is adding this security feature to Office 365. This includes Office 365 Midsize Business, Enterprise plans, Academic plans, Nonprofit plans, and standalone Office 365 plans, including Exchange Online and SharePoint Online.
Prior to today, multi-factor authentication was only available for administrative roles, but that function has now been extended to single users.
The change today only affects Office 365 web apps and not the locally installed Office 2013 client applications. But, Microsoft is promising that multi-factor authentication will be available for Office 2013 client applications directly sometime in 2014 along with smart card support.