security
Cloud & Services

Microsoft adds two-factor authentication to keep accounts secure

If you’re an active user of Outlook, SkyDrive, Office Web Apps, or other Microsoft services, you may want to add two-step verification for an extra layer of security.

Microsoft is rolling out this optional security measure, also known as two-factor authentication, over the next couple of days. Once available, it can be enabled through account settings.

As the name suggests, two-step verification requires you to login with a second form of identification, in addition to your user name and password.

For instance, Microsoft can send you a code via text message or email, which you enter while logging into your account for the first time on any PC or other device.

Verifying your Microsoft account vial email with two-factor authentication

You can then set that device as a favorite, preventing you from needing a new code at every login.

The verification will only reset if you don’t access the device for 60 days or if you revoke access through Microsoft’s website.

For situations where you can’t receive a text message—for example, while traveling overseas—Microsoft offers an Authenticator app for Windows Phone that can generate security codes on its own. You just have to set the app up before you travel.

Authenticating via phone

Although Microsoft doesn’t offer the app on iOS or Android, other authenticator apps will work with your Microsoft account. (Microsoft hasn’t said which apps are supported, but Google offers an app for both Android and iOS.)

Some apps or devices, such as the Xbox 360, don’t directly support two-step verification, but Microsoft says it will “help you set up an app password unique to each application or device” in these cases.

Why set it up?

Two-factor authentication is a great way to reduce the chances of someone breaking into your account with compromised credentials, because it requires the hacker to have access to your email or your actual phone.

Considering how often major web services are compromised by hackers, it’s worth the extra effort of setting it up.

Google and Facebook have offered two-factor authentication since 2011. Dropbox followed along in 2012, and Apple started offering it for iCloud accounts last month. As Microsoft begins focusing more on connected services than software, it’s good to see the company following along with more protection for users.

Subscribe to the Business Brief Newsletter

Comments