For a lot of services you need a Microsoft Account right now, for example OneDrive, Skype, Xbox, your Office 365 account, the Windows and Windows Phone app store and of course your Windows login. This account gets more and more important, especially when you save a lot of documents and pictures to OneDrive or buy software and applications. I also use the Microsoft account for all my Microsoft Certifications, Microsoft Events and of course for everything related to the Microsoft MVP award and MSDN. So as you can see my Microsoft account is really important to me, and I want to make sure it is as secure as possible. This post shows you some small tips on how you can make your Microsoft Account more secure.

Manage your Microsoft Account

You can manage your Microsoft account directly from the Microsoft Account page (https://account.microsoft.com). Here you can find all links and information related to your Microsoft Account.

Use strong passwords and change it from time to time

This is a very simple one, but most people do not really pay attention to it until they get hacked. It is really important to use a strong password for your accounts and also to change it from time to time. A strong password:

  • Is at least eight characters long.
  • Contains a mix of letters, numbers, and symbols.
  • Doesn’t contain your user name, real name, or company name.
  • Doesn’t contain a complete word.
  • Is significantly different from previous passwords.
  • Isn’t the same password you use on other web sites, such as for online banking or other email accounts.
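
The checklist above as a local self-check, added here as an example (it is not part of the original post or any Microsoft tool). The function name, the tiny constructed word list and the 0.6 similarity threshold are assumptions made for illustration.

```python
import re
from difflib import SequenceMatcher

# Constructed sample word list; a real check would load a full dictionary.
SAMPLE_WORDS = {"password", "welcome", "dragon", "summer", "monkey", "letmein"}


def check_password(candidate, identity_terms=(), previous=(), used_elsewhere=(),
                   words=SAMPLE_WORDS, max_similarity=0.6):
    """Return the rules from the checklist that `candidate` violates."""
    problems = []
    lowered = candidate.lower()

    if len(candidate) < 8:
        problems.append("shorter than eight characters")

    has_letter = re.search(r"[A-Za-z]", candidate)
    has_digit = re.search(r"\d", candidate)
    has_symbol = re.search(r"[^A-Za-z0-9]", candidate)
    if not (has_letter and has_digit and has_symbol):
        problems.append("needs a mix of letters, numbers, and symbols")

    # User name, real name, company name (very short terms are ignored).
    if any(len(t) >= 3 and t.lower() in lowered for t in identity_terms):
        problems.append("contains user name, real name, or company name")

    if any(w in lowered for w in words):
        problems.append("contains a complete word")

    # "Significantly different" is approximated with a similarity ratio:
    # 1.0 means identical, 0.0 means no characters in common.
    for old in previous:
        if SequenceMatcher(None, lowered, old.lower()).ratio() > max_similarity:
            problems.append("too similar to a previous password")
            break

    if candidate in used_elsewhere:
        problems.append("same password as on another site")

    return problems
```

An empty list means the candidate passed every rule; run it only on your own machine, since it handles passwords in clear text.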

You can change your password on https://account.live.com/Password/Change.

Keep your security info up to date

Security info like an alternate email address or phone number helps Microsoft verify your identity if you forget your password or if someone else tries to take over your account. For example, if you or someone else wants to make changes to your account, security codes are sent to these addresses, and you need those codes to make the change. This information is also needed to recover a lost password, so it is very important that you keep it up to date. You can update it under Advanced Security (https://account.live.com/Proofs/Manage) on your Microsoft Account page.

Configure security alerts

You can also configure how you receive security alerts when something happens to your account, such as security-related changes. This is also configured on the Microsoft Account Advanced Security page (https://account.live.com/Proofs/Manage).

Check Recent activities

You can also log in to see recent activities such as logins with IP address, location and device information. You can see the latest logins on the recent activity page (https://account.live.com/Activity).

Create a Recovery Code

You can use your recovery code if you lose access to your security info or if someone has hacked your account. You need to print out your recovery code and keep it in a safe place. The recovery code is also created on the Microsoft Account Advanced Security page (https://account.live.com/Proofs/Manage).

Configure email address to login (Sign-in preferences)

With your Microsoft account you can have multiple email addresses (aliases). To make it harder for hackers to get into your account, turn off sign-in preferences for email addresses and phone numbers you don’t use.

Two-step verification

This is maybe one of the most important settings to make it hard for others to log in to your Microsoft Account. If you activate Two-step verification, you need not only a password to log in but also a security code, which you can receive as a text message on your mobile phone, as an email to the alternative email address, or from the Microsoft Authenticator app for Windows Phone, iOS or Android. So if you log in to a website or a device for the first time, you need both your password and that code. For your day-to-day devices, you can mark the devices as trusted so you don't need the verification code all the time. You can get more information about Two-step verification here.

The wizard will help you set up two-step verification. It walks you through the following steps:

  • Make sure you have up-to-date security info where you can receive security codes.
  • Set up an authenticator app if you have a smartphone. (With an authenticator app, you can get security codes even if your phone isn’t connected to a cellular network.)
  • Print or write down your recovery code.
  • Create app passwords for apps and devices (such as Xbox 360, Windows Phone 8 (or earlier), or mail apps on your other devices) that don’t support two-step verification codes.

Two-step verification Authenticator app

If you use Two-step verification, you can get the security codes not only via text message or email but also via the Authenticator app, which you really need if you don't have any connectivity. The Authenticator app is available for Windows Phone, iOS and Android.

App passwords

Some apps and devices, such as Xbox 360, old versions of Windows Phone, or mail apps on your other devices, don't support security codes for two-step verification. In these cases, you need to create a one-time app password to sign in. If you need an app password and already know how to use one, visit your security info page online to get an app password. You can get more information about App passwords and two-step verification here.

Trusted Devices

When you try to view or edit sensitive info related to your Microsoft account, like your credit card details, Microsoft might ask you for a security code first, to make sure that only you can get into your account. If you use Two-step verification, this is the same behavior for all logins you do with your Microsoft account. But you can designate a PC as a trusted device.

If you lose one of your trusted devices, you can log in to the Microsoft Account Advanced Security page (https://account.live.com/Proofs/Manage) to remove all the trusted devices and add them again.