Login to Microsoft My Sign-ins Portal, select "Security Info" (this login applies to both office365 and Azure).
Click "Change" to the right of "Default sign-in method"
Select "Authenticator app or hardware token - code"
Click "Confirm"
Overview
Content Tools