At my company, we want to enable 2-factor authentication for our Office365 products, but the reason we haven't at this point was because Outlook and Skype for Business didn't support it and we didn't want to deal with the whole app password mess. I see that the Outlook and Skype for Business client support Modern Authentication now, but we still have to enable Modern Authentication for our tenant.
My question is, if I enable Modern Authentication for our tenant using the instructions in this article - http://social.technet.microsoft.com/wiki/contents/articles/32711.exchange-online-how-to-enable-your-tenant-for-modern-authentication.aspx , does that automatically enable 2-factor authentication for all of our users? Or do we still need to enable it for our users as well?
Our concern is that if we enable it for our tenant, then it will immediately change the login experience for our users which is not what we want to do. We would like to enable modern authentication and 2-factor for a select group of users first for testing, before we roll it out for everyone.