Last month we exclusively reported one of the new security features coming to Microsoft account – enhanced account aliases, aimed to replace the account renaming feature currently in place. Whilst Microsoft has recently silently switched back on the account renaming feature, the new account aliases feature has yet to make its appearance. However, LiveSide understands that Microsoft has more security features planned for its Microsoft account service. One of these new features include two-factor authentication.
By setting up “Two-step verification”, when logging in to your Microsoft account from any device or apps (with the exception of devices added to your trusted PC list), in addition to typing in your password you will also be prompted to enter a security code randomly generated by an Authenticator app on your phone.
Interestingly, thanks to a tip from LiveSide reader Levee, the Authenticator apps is already available on the Windows Phone Store. Below is a description of the app:
The Authenticator app generates security codes you can use to help keep your Microsoft account secure. You can add your Microsoft account to the app by scanning a barcode or by manually entering a secret key. The app implements industry-standard security code generation and may also work with other services and providers. You can learn more about keeping your Microsoft account secure at https://account.live.com/p.
Whilst currently unavailable, the Microsoft account website (http://account.live.com) will soon provide the ability to pair your Authenticator app to your account, as shown below:
One of the limitations of the two-step verification feature is that it will not work with linked accounts, as such users are required to unlink all their linked accounts before turning the feature on. In addition, some apps or devices that uses Microsoft account might not support two-step verification (such as the mail app on some phones), as such Microsoft also added a feature called “app password”. When you have turned on two-step verification and signs in to an app or device that doesn’t support the feature, simply generate an app password from the Microsoft account website, and enter that into the password field to sign in.
Unfortunately we do not yet know the timing of the release of this new feature, but rest assured that it will be coming soon. This will be a welcoming update for many users who had been requesting for this feature, particularly given Google accounts already support two-factor authentication. What do you think about this new feature? Let us know in the comments below!