Keep your Microsoft account safer with two-factor authentication

Your Microsoft account is the gateway to too many critical services to secure with a simple password.

If you use Microsoft services like SkyDrive, webmail, or Xbox Live, you have a Microsoft account. If you have a Microsoft account, you might use it to store personal information that you wouldn't want hackers to be able to get at. You know, credit cards and tax returns and such. Turning on two-factor authentication can help keep would-be data thieves out, and your secrets secret.

Two-factor authentication--which Microsoft accurately calls two-step authentication--is based on a simple premise: It requires you to enter a single-use security code in addition to your username and password when you log in. This can help keep bad guys out of your account, even if they get ahold of your account name and password.

Set up two-step authentication in two easy steps

To start, log into your Microsoft account by visiting and entering your username and password as instructed. Once you're logged in, select Security Info from the list on the left-hand side of your browser window.

Microsoft may ask you to verify your identity by sending a security code to you via text message or phone call (if you provided a cellphone number when you set up your account), or via the email address associated with your account. Select the option you prefer from the list and press Next, then enter this code on the next screen and press Submit. You now have access to your security settings--and you just got a taste of what to expect from two-factor authentication.

Now that you're on the Security info screen, look for the Two-step verification heading and click the link labelled Set up two-step verification: Microsoft will begin to step you through the process.

Once you click through the next screen--which gives you an overview of the process--Microsoft will recommend that you download an authenticator app for your smartphone. Unlike text messages, an authenticator app will work in an area where you have a Wi-Fi connection but no cell coverage. Follow the instructions on screen, then click Pair.

If you don't want to go hunt down a decent authenticator app (I don't blame you) press Skip: Just be aware that you might have trouble getting into your account if you're ever in a dead zon and can't receive calls or texts.

Microsoft will make sure it has another way to contact you on file if all else fails--by default, it will show you the email address that's associated with your account. Confirm it and press Next, and Microsoft will send you a security code to that email address. Type or paste it in when prompted, then press Next again.

App passwords: A password for your password

At this point, two-step authentication is set up and ready to go. This only transitions us into the world of app passwords: specialized passwords generated specifically for use with apps that don't support Microsoft's two-step authentication. If you use email on your non-Windows smartphone, you will need to generate an app password that will work with your email client of choice. Select your smartphone from the list if this applies to you; otherwise, press Next.

On the next screen, Microsoft will helpfully tell you that you may need to set up app passwords for other apps and services that rely on your Microsoft account. Read this page and click Finish to move on.

To create an app password, go to the Security info page and click the Create a new app password link under the App passwords heading. Jot down the password it generates, and enter that into whichever app you need it for. Each app needs its own app password, so if you need more, click Create another app password to your heart's content.

Tags MicrosoftWeb & social

Show Comments