Your Microsoft account for everything from email to Xbox just got a lot more secure thanks to Microsoft’s roll out of the optional two-step authentication over the course of this week. The Redmond company announced the new security feature on its blog yesterday after some leaked screenshots made their way to the Web last week.
With two-step login for any Microsoft service, you just need to provide two pieces of information every time you want to access your account. In addition to your password, you can either enter an automatically generated code sent to your phone (we’ll get into more details below), or some other piece of security info that you previously set up in your account (i.e., your alternative email address).
This optional security feature will work on Outlook.com, Skype, Xbox Live, Xbox Music, Xbox Video, SkyDrive, Ofice 365, any Web browser, as well as any device running Windows 8/RT/Phone 8. Don’t worry if you mostly use these cross-platform services as apps on non-Windows devices: this two-step login is also available on your Android or iOS device.
Before you can enjoy the extra layer of protection that two-step authentication provides, you need to spend a bit of time setting up your Microsoft account. Assuming the new login feature is available, you need to log into your account and add in some other pieces of information like your phone number and alternative email address so you can use this additional information to verify your identity. Of course, not everyone is comfortable with providing even more personal information to Microsoft, so you can use the automatic code-generating authenticator app instead to login.
If you plan on using your smartphone to generate the secret code to let you log into your Microsoft account, you need to set that up on your account before you download the Autheticator app. To do that, just follow the on-screen instructions.
For those of you who have a Windows Phone 8 or 7.5 Mango smartphone, you should head over to the Windows Phone App Store to grab a copy of the free authenticator app. In addition to helping you log into your Microsoft account more securely, this app can also generate access codes for other services like Google and Dropbox since it uses a standard protocol that is supported by other two-step login systems. The best thing about this app is that it works offline, which means you’ll be able to get the code you need to access your Outlook.com inbox without being charged for receiving text messages, which is how some third-party apps deliver your code.
Microsoft won’t be releasing a separate authenticator app for Android and iPhone users who primarily access their Microsoft services like Skype and SkyDrive on non-Windows devices. As the Redmond company said in its blog post, there are already similar apps available on these app stores, so non-Windows users will have to do some trial and error to find out what app will work best with their Microsoft account.
Frequently used apps & services
Microsoft wants to encourage users to use two-step authentication, but it also understands that users don’t want the hassle of entering a new code every single time – especially on devices they use frequently. That’s why users can opt to not enter a security code on the devices they use most like their smartphone, for instance, where they get push emails everyday. To set up your favorite device list, all you have to do is enter a code that’s sent to your phone or email one time per device, and Microsoft will remember that device going forward. If more than 60 days go by without using the device, Microsoft will ask you for your security code again.
Although you’re not required to enable the two-step security feature, you really should. It’s no longer a matter of “if” but “when” our many online accounts get compromised, and requiring us to come up with even more intricate passwords that we inevitably forget. At least with an automatically generated code, you just have to enter whatever code you’re given to keep those pesky hackers at bay.