Windows 10 tip: Keep your Microsoft account secure with 2-factor authentication

The default settings for Windows 10 strongly encourage you to sign in with a Microsoft account. Although it's easy enough to switch to a local account, there are good reasons for connecting that Microsoft account, including the ability to easily sync settings between devices.

But that powerful account is potentially a source of headaches if your credentials are stolen or phished. To protect yourself, I recommend that you turn on Microsoft's additional security features, which require a second form of authentication if someone tries to use those credentials on an unknown device.

The option is buried deep in the web interface for a Microsoft account. Fortunately, there's an easy-to-remember shortcut:

https://account.live.com/proofs/

Signing in with your Microsoft account at that page gives you access to three advanced security settings:

• Two-step verification forces you to provide a second proof of identity when you sign in on an untrusted device. That code can be sent to an email address, delivered as a text message to your mobile phone, or generated by an authenticator app on your mobile phone
• The trusted devices list lets you skip the second factor on a device you own after you successfully prove your identity. If a device is stolen, or you suspect you've been compromised, you can clear this list and force a 2FA prompt the next time you sign in on each previously trusted device.
• A recovery code is worth printing out and saving in a secure location as a way to regain access if you lose access to other verification options.

Note that if you turn on two-step verification, you'll need to generate app passwords for signing in to Xbox, Microsoft Outlook, and third-party apps that can't receive a 2FA code.

Given the havoc that a hacked account can cause, I strongly recommend visiting this page and tightening up your Microsoft account security.

Previous tip: Protect removable storage devices with BitLocker encryption

Next week: Another Windows 10 tip from Ed Bott

see all of ed bott's Windows 10 Tips

Solve network problems with a one-click reset

Shut down OneDrive completely

Squeeze hours of extra life from your laptop battery

Find your PC's original product key

Stay organized using virtual desktops

Change UEFI firmware settings or start in Safe Mode

Create a perfect background for your desktop

Turn off Cortana completely

Find out if your PC can run Hyper-V

Switch back to a local account from a Microsoft account

Stay organized using virtual desktops

• Solve network problems with a one-click reset
• Shut down OneDrive completely
• Squeeze hours of extra life from your laptop battery
• Find your PC's original product key
• Stay organized using virtual desktops
• Change UEFI firmware settings or start in Safe Mode
• Create a perfect background for your desktop
• Turn off Cortana completely
• Find out if your PC can run Hyper-V
• Switch back to a local account from a Microsoft account
• Stay organized using virtual desktops