Microsoft beefs up account security

Microsoft is adding a few new security features to provide more peace of mind for Microsoft Account holders.

Users will soon be able to see a recent activity log through Microsoft's website, showing recent sign-ins, incorrect password entries, password resets, and security challenges, as well as the locations of each activity. If anything looks suspicious, users can click a “This-wasn't-me” button to get help locking down their accounts.

msaccountrecentactivity

Users can keep an eye on recent account activity and get help with locking down their accounts.

Microsoft also is adding more control over security notifications for certain activities, such as resetting your password or logging in from a new device. Users will still always get notifications at a primary e-mail address, but now there's an option to add extra phone numbers for these notifications.

Finally, Microsoft will provide a fallback for users who've enabled two-step verification on their accounts. Typically, two-step verification requires a phone number, an e-mail address, or an authenticator app as well as a password to log in on an unrecognized device, but now Microsoft will let users create a recovery code to access their accounts when other options aren't available. Microsoft suggests writing the code down on a piece of paper and placing it somewhere safe, rather than storing it on a device.

msaccountrecoverycode

A recovery code acts as a fallback for users with two-step verification.

The added security measures are necessary for Microsoft in its new push as a “devices-and-services” company. Microsoft wants to carve out a bigger role for online services such as Office 365, SkyDrive, Outlook.com, and Xbox, working across multiple platforms. With all of these products tied to a single Microsoft login, the potential security headaches only get bigger, so Microsoft needs to ramp up its security efforts accordingly.

The new security features may not be immediately visible, but should roll out to all users over the next couple of days.

Subscribe to the Security Watch Newsletter

Comments