In Windows 8, you can now optionally sign into Windows with a Microsoft account using your email address. This account stores many of your personal Windows settings, preferences, and saved passwords, as well as other items like browser history, favorites, and Windows 8 apps, on Microsoft's servers. Whenever you log on to a new Windows 8 device with that Microsoft account, all your data automatically syncs to your new hardware.
Although this new syncing functionality can be useful, it does pose a security risk. If malcontents get your Microsoft account password, they could log in to your account at another Windows 8 PC and access your synced data. And if you use Microsoft's SkyDrive cloud storage service, they'll quickly be able to access your online files.
To help prevent your Microsoft account from being hacked, use a strong password when creating your account in Windows 8. Try to make it as complex as you can with lower- and uppercase letters, numbers, and special characters, and avoid words from the dictionary. Also make sure to use a unique password. If you simply re-use the same old string that gets you into other sites and services, you're just asking for trouble. Finally, you should avoid storing any truly sensitive documents in SkyDrive.
If you already have a Microsoft (or Windows Live) account, you can use it when logging into Windows 8 instead of creating a new account. And if your existing password isn't strong, you can always change it.
Fortunately, your saved passwords from Internet Explorer, networks, and Windows 8 apps aren't synced to a new system until you confirm it as a "Trusted PC." Once you sign in to a new Windows 8 system, Microsoft sends you an email and/or a text-message alert asking you to confirm it. This is a great protection mechanism, but if you're using a Microsoft email address (Hotmail, say), or if someone knows both your Microsoft account and your other email password, he could confirm the PC he's using as trusted and then access all your saved passwords.
To help make the process of confirming trusted PCs even more secure, use a non-Microsoft email address for your Microsoft account, and use a different password for that email account (which you should be doing anyway). Also make sure to enter your mobile number on your Microsoft account and update it when it changes. You can always add and change email addresses and mobile numbers.
Choose your antivirus program wisely