Is your Microsoft account only consists an email address and password? Do you know that there are additional security measurements you can enforce on your Microsoft (Live) account? Microsoft has been supporting two-step verification authentication for quite a while. As the name suggested, it is a secure way to protect your Microsoft Account by having an additional authentication on top of the existing username/email address and password. This additional authentication usually are something you personally carry with you all the time, like a smart phone. It uses time synchronization as the basis of this so-called “2-step verification”, another term often referred in the technology world is “time-based on-time password” (TOTP). The idea is to access the account, you need to provide two password, one is your regular password that doesn’t change, and the other is a one-time password that usually expires shortly after it generated.
User will require both password to access Microsoft account, thus, even if the traditional password has been stolen. As long as your secondary password are secure, your account are still being protected. That makes hacking with brute force and other methods much less effective.
To Set up 2-step verification on Microsoft Account
Here we will be showing you step-by-step how to set up 2 step verification with your Microsoft account, and leverage your smart phone as the secondary TOTP device.
First, you need to login to Microsoft account, then go to “Security & Privacy” or this URL: https://account.microsoft.com/privacy
Under Account Security > More security settings
Scroll down to “Two-Step verification”, you can turn on two-step verification.
It will prompt to ask you first setup an authenticator app. In this example we will be using iPhone, iPad or iPod touch as an example.
Regardless of what you have selected, based on your mobile devices, there are individual instructions you can follow. If you have a Windows Phone, the application generates TOTP are different from platform to platform.
As for iOS, if we follow the instruction to install Google’s authenticator app, or following this link.
The next step is to launch the app from your phone.
Select the + icon from top left, and choose Scan bar code. You will use this to scan the QR code shown on your screen below.
Once you have scan the QR code, just enter the 6 digit number to step 4 to verifying the pairing between your Phone and your Microsoft Account.
Click Next to finish.
Now, you have successfully added an additional security measure to secure your Microsoft Account. What does this mean in the future ? Every time when you login your Microsoft Account it will be prompt to ask you to enter the additional pass code that are appearing on your smartphone’s authenticator app. To double verify your identity, however, it doesn’t necessary mean you need to do this every single time. You can remember any trusted devices on this additional step, only prompt you this when you are logging from an unauthorized device or from public or from work etc. The idea is to product hackers from remotely logged to your account. With this additional measure, you are all set to make your account more secure and I encourage you to spend the extra 5 mins to apply it to your account.