How to Enable Two-step Authentication for Your Windows Account

While it is understandable why many users consider two-factor authentication to be clumsy and bothersome, it most certainly has merit when it comes to Internet safety and the overall security of a user's online presence. In most cases, it's a security measure that provides users with much more than peace of mind.

The basics of two-factor authentication, or two-step verification, as Microsoft likes to refer to it, are as follows. The user is asked to provide two bits of information when attempting to access their account – the password they themselves associated with the account, as well as an additional code provided by Microsoft. That code is usually sent via SMS or an alternative e-mail to the user, thereby ensuring that unless the person wishing to access the account also has access to the user's phone and/or alternative e-mail. Microsoft's two-step verification process is somewhat more restrictive – it requires that the user install a security app on their phone and receive their code via that, not SMS or e-mail. By doing this, Microsoft can actually make this additional code time-out and change every thirty seconds. This contributes tremendously to the account's overall security, as simple hacking, brute-forcing and phishing tactics are unlikely to yield any result if cybercrooks try to crack such an account.

Unfortunately, that sort of security measure, by its very design, hinders the user's experience, as it makes them jump through additional hoops every time they wish to log into their account. Whether the trade-off between security and convenience is acceptable is up to the individual user to decide, but users should certainly consider the option of employing two-step verification.

Should a user decide that two-step verification, or two-factor authentication, is the right choice for them, there's a quick and easy way of enabling it. Here's a detailed step by step guide on how to do so:

Enable Two-Step Verification/Two-Factor Authentication

  1. Open your preferred browser and go to Microsoft's website. Once there, sign in to your pre-existing Microsoft account and select the "Security" page.
  2. Select "Set up Two-Step Verification" at the bottom of the page.
  3. Confirm contact information. Make sure all the forms that you are asked to fill in the next three pages are in order. Two menus down the line, click "Finish."

User advisory – keep in mind that in order to take advantage of Microsoft's two-step authentication, a user must have access to a smart device handy, with the Microsoft Authenticator app installed and functional. Not being able to access that second device and the authenticator app will necessarily mean an inability to access the primary account as well.

October 23, 2018