If you use a Microsoft account for work, school, or Xbox Live, this extra layer of security is a must-have. Added bonus: It's super simple to activate.
We've all come to accept passwords as the default way to secure our digital lives. Along with a life lived online come, unfortunately, ever more security risks that render passwords insecure. The ease with which a password can be hacked, phished, or stolen continues to grow, and users need to face it: The internet is moving beyond passwords as the standard form of security.
The new standard is fast becoming two-factor authentication, which involves adding a one-time code as a second factor alongside the password. Many companies offer it as an added security feature. We've profiled several before, such as Google and Apple, and now it's Microsoft's turn.
If you have a Microsoft account you rely on, here's how to give it an extra layer of protection.
Activating two-step authentication for your Microsoft account
Start by opening the Security Settings page for your Microsoft account. Once you're logged in, scroll down until you see Two-Step Verification, shown in Figure A. Click on Set Up Two-Step Verification to advance to the screen shown in Figure B, which explains what two-step verification is and what steps you'll follow.
Click Next and you'll see the screen shown in Figure C. Here you have the option of setting up the Microsoft Authenticator app on your mobile device. Doing so makes signing in much simpler, so for this tutorial I'm including that process on an iPhone.
Select your operating system and click Next, and Microsoft will give you some simple instructions (Figure D).
Open up the app store on your device and download Microsoft Authenticator. Once you've installed and opened it, you'll be prompted to add an account (Figure E).
If you've used a Microsoft account on that device before, as happened to me in Figure F, the app may find the account automatically, but you'll still need to sign in.
After you sign in, you'll see a set of eight random numbers, but you'll never really need them once you're done setting up two-step verification.
At this point, return to the computer and click Next. You'll be greeted by the message shown in Figure G, which informs you that you're all done: it's that simple! Make sure you save a copy of that recovery code. If you completely lock yourself out, you'll need it to verify who you are. Take a screenshot, print it, copy and paste it into a document--just be sure you save it.
How Microsoft's two-step verification looks in action
Most two-factor authentication systems require you to enter a multi-digit code that is texted to you or shown in your mobile app, but not Microsoft's. The next time you enter your password and log in, your phone will notify you that someone is trying to log in to your Microsoft account, as shown in Figure H.
Unlock your device and tap Approve (Figure I), and the login will complete on the computer automatically. This amount of added security can't get any easier.