Finally, I say. After deflecting the need for and promising the availability of 2-step verification, Microsoft officially announced the rollout of optional 2-step verification on Microsoft account on April 17.
First, what is 2-step verification? It is a method by which services force you to provide an additional verification item to ensure you are actually who you say you are, before allowing you to log in. Typically, this is done through a code sent via SMS after logging in with username and password. That way, the service ensures that just because someone has access to your username and password, they won’t be able to easily log in to your account.
For Microsoft account, you can enable this feature by going to https://account.live.com/proofs/Manage. Once you enable it, after providing your username and password you will be required to enter the code sent to your phone or, if you set up a secondary method like email, the code sent via email. Additionally, for smartphones there are authenticator apps that work with Microsoft’s 2-step verification, and Microsoft has also built an app for Windows Phone for the same purpose.
Once you set up 2-step verification, it will work on Windows Phone, Windows 8, the web, as well as Microsoft services on iOS and Android. As is the case with Google and other services that have already implemented 2-step verification, for clients that cannot support entering codes, like Xbox, Microsoft will allow you to set up an app password. Once you have the app password for a particular client, it will remain associated with that client so you don’t have to enter the code at every login.
Microsoft has also enabled functionality where you can choose to have the code remembered for a particular application or service. If you do that, the code won’t be requested for 60 days, thereby making the process seamless.
It is also worth noting that Microsoft has enforced 2-step verification for some of its services already. For example, with SkyDrive you can remotely fetch files from other computers. Since this is a critical feature which can be abused by someone breaking into your account, Microsoft required a security code to be entered in addition to username and password.
Finally, remember that if you change your phone number or email, it is important to update the information in your account preferences before losing the number or email, since it is something that cannot be updated by customer support. If you do lose the number and it is not reflected in your account preferences, you will have to wait for 30 days, which is the typical account recovery period.
I like this step that Microsoft has taken. 2-step verification is not easy and has a lot of issues when the account is also used for authentication on other services besides the provider’s. It does seem like Microsoft is aware of the complexity involved and has tried to make it a bit more user-friendly than competing services. With more of our lives being stored in digital form, it is important to have good “locks” installed to protect our digital properties. 2-step verification is just one of the steps, and I am glad Microsoft has chosen to implement it.
Images are from the Official Microsoft Blog