April 17, 2013, 2:02 PM — Following similar initiatives by Apple, Google and Facebook, Microsoft is enabling two-factor authentication for its Microsoft Account service, the log-on service for many of its online and desktop products.
"With this release you can choose to protect your entire account with two-step verification, regardless of what service (or device) you are using with your Microsoft account," wrote Eric Doerr, Microsoft Account group program manager, in a blog entry announcing the secondary authentication. "It's your choice whether you want to enable this, but for those of you that are looking for ways to add additional security to your account, we've worked hard to make set-up really easy."
With two-factor authentication, a user logging in to a service or device supplies a second piece of information in addition to a password, thus making it impossible for another party to gain illicit access to the user's accounts without all the separate pieces of information. Microsoft is using additional verification methods such as a short code sent to the user's mobile phone, which is then entered in addition to the password, or by asking the user to supply additional information, such as an alternative email address.
Microsoft Account, formerly called Windows Live ID, is a single sign-on Web service to authenticate users of Outlook.com, SkyDrive, Skype, and other Microsoft services. It can also be used as an authentication mechanism for Windows PCs, the Xbox and Microsoft Office. Overall, Microsoft has over 700 million users registered to Microsoft Account.
Users will find instructions on how to add a second form of authentication on the Microsoft Account settings page. The chief form of secondary authentication will be a short code sent to the user's mobile phone, the number of which Microsoft will keep on file, each time the user logs on.
As an alternative to security codes, Microsoft is providing a number of other forms of authentication as well. For smartphones, users can deploy an authenticator app. Microsoft has released an authenticator app for Windows Phones, and third-party authenticator apps can be used for other platforms. For those devices that do not directly support two-factor authentication, such as the Xbox, users can get a secondary password, one unique to each device.