Microsoft Accounts Gain Two-Factor Authentication Option
Users of services and devices that rely on a Microsoft Account, are getting access to an added layer of security in the form of a two-step authentication process.
The new two-step verification system which will be rolling out to users worldwide, will require an alpha numeric key in addition to the user’s password before their Microsoft Account can be used on products and services from the company.
According today’s press release, this update is all about making sure that Microsoft Accounts stay as secure as possible, especially since during the last few years, more and more of Microsoft’s consumer products have required the use of a Microsoft Account to function properly. Prior incarnations of Microsoft’s Windows Phone, Office productivity suite and Windows operating system rarely –if ever required the use of one. That’s no longer the case today.
With this update to Microsoft Account, the company will be enabling the same process it first rolled out on subscription purchases for Xbox LIVE and SkyDrive.
If a user does decide to enable the option, they’ll be automatically prompted to provide more information about themselves if they haven’t already done so including a cellphone number where Microsoft can send verification codes. Windows Phone users will also have access to Microsoft’s new Authenticator Application. With it, users will still be able to access verification codes, even when they aren’t able to connect to the internet.
Though Microsoft cites the existence of other authentication applications for other platforms, Microsoft doesn’t name any specific utilities for iOS and Android outright, only that there are solutions on other platforms that are already compatible with Microsoft Account.
Some devices can be setup to not ask for security codes often, however users will still need to enter a verification code once and if that device isn’t logged into regularly, will once again default back to asking for a verification code with every login.
As consumer technology becomes increasingly tied to internet services, most companies are requiring the use of a single username and password across all of their services. Because of this, one compromised password could spell disaster. Apple recently ran into a problem when the company introduced a new two-step authentication system only to make accounts more vulnerable by allowing anyone with a user’s birth date and email account to reset the user’s password for a brief period.