5 quick steps to improve the protection of your Microsoft account! Let's do it!
A Microsoft account is free of charge, but that does not begin to explain its importance, particularly if the account is used for essential email and cloud storage.
Follow these five measures to establish a solid security baseline that protects the account against intruders.
What is your most useful online account, the one most worth securing? If you sign in to a Windows PC with a Microsoft account password, that account and its e-mail address are the ones you should guard most jealously. This is especially true if you use the Microsoft account for OneDrive and Office 365 documents.
In this post, I list five steps to help you lock down your account so that it is secure against online attacks. As usual, there is a trade-off between convenience and security, so I have separated the steps into three groupings, depending on how tightly you want to lock down the Microsoft account. (It's worth noting that this article covers Microsoft user accounts for Office 365, Microsoft 365, and OneDrive Home and Personal editions. Microsoft 365 enterprise and corporate security settings are administered by domain administrators through Azure Active Directory and use a whole variety of tools.)
Security Framework
This level is enough for most ordinary PC users, in particular those who do not use their Microsoft email address as their primary sign-in. It is a good choice if you support a peer or family member who is not technical and is intimidated by passwords.
At a minimum, create a strong password for your Microsoft account that is not used for any other account.
In addition, two-step verification (Microsoft's multi-factor authentication) should be enabled to protect you from phishing and other types of password theft. With this enabled, you have to provide additional proof of your identity when you first sign in on a new computer or when you perform a high-risk operation, such as making an online payment. The additional proof usually consists of a code sent to a trusted device as an SMS text message or as an email message to a registered alternate account.
These basic safeguards are sufficient, but with a few additional measures you can greatly tighten protection.
First, install the Microsoft Authenticator app on your iPhone or Android smartphone and set it up as a sign-in and verification option. Then remove the option to verify your identity by SMS text message.
With this setup you can still authenticate with your cell phone, but a would-be intruder cannot intercept text messages or spoof your phone number.
Optimal Protection
For the best protection, add at least one physical hardware key alongside the Microsoft Authenticator app and, optionally, remove email addresses as a backup authentication factor. This configuration puts serious roadblocks in the way of even the most committed intruder.
It requires an additional investment in hardware and undoubtedly adds a touch of complexity to the sign-in process, but it is by far the most effective way to protect your Microsoft account.
First Things First! Change Password
Passwords that are hard to recall can, however, decrease security, since (a) users may need to write the password down or store it electronically, (b) users may require regular password resets and (c) users are more likely to reuse the same password across different accounts. Similarly, the more demanding the password requirements, such as "have a mix of uppercase and lowercase letters and digits" or "change it monthly", the greater the degree to which users will subvert the system. Some argue that longer passwords provide greater protection (e.g. entropy) than shorter passwords that include a wide variety of characters.
For your Microsoft account you need a strong, unique password. The easiest way to meet this requirement is to use your password manager's software to generate a brand-new password. There are several tools available these days but the main ones are:
Generating a new password ensures that your account password is not shared with any other account; it also ensures that an older password you might accidentally have reused is not part of a password breach.
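The length-versus-complexity argument and the password-manager generation step can be made concrete. This is an added example, not part of the original article; it assumes every character is drawn uniformly at random (true for generated passwords, not for human-chosen ones), and the function names are illustrative.

```python
import math
import secrets
import string

FULL = string.ascii_letters + string.digits + string.punctuation  # 94 symbols
LOWER = string.ascii_lowercase                                     # 26 symbols

def entropy_bits(length: int, alphabet_size: int) -> float:
    """Entropy of a string whose characters are drawn uniformly at random."""
    return length * math.log2(alphabet_size)

def length_to_match(target_bits: float, alphabet_size: int) -> int:
    """Shortest length over the given alphabet that reaches target_bits."""
    return math.ceil(target_bits / math.log2(alphabet_size))

def generate_password(length: int = 20, alphabet: str = FULL) -> str:
    """Generate a password the way a password manager does: every character
    comes from the operating system's CSPRNG through the secrets module."""
    if length < 1 or len(set(alphabet)) < 2:
        raise ValueError("need a positive length and at least two symbols")
    return "".join(secrets.choice(alphabet) for _ in range(length))

def compare_policies() -> dict:
    """Compare a short all-character-class policy with long lowercase-only ones."""
    short_complex = entropy_bits(8, len(FULL))
    return {
        "8 chars, all classes (bits)": round(short_complex, 1),
        "16 chars, lowercase only (bits)": round(entropy_bits(16, len(LOWER)), 1),
        "lowercase length matching 8 complex chars":
            length_to_match(short_complex, len(LOWER)),
    }

if __name__ == "__main__":
    for policy, value in compare_policies().items():
        print(f"{policy}: {value}")
    print("generated:", generate_password())
```

Twelve random lowercase letters already carry as much entropy as eight random characters drawn from all 94 printable symbols, which is why a long generated password is preferable to a short "complex" one.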
Go to the Microsoft Account Security Basics page at https://account.microsoft.com/security/ to update your password. Sign in, then click Change Password if necessary.
Follow your password manager's prompts to save the new password. If you need a physical backup, feel free to write it down. Just keep that document in a secure place, such as a locked file drawer or a safe.
Secure Recovery Code
The next step is to save a recovery code. If you are ever unable to sign in or you have lost the password, having access to this code will protect you from being locked out indefinitely.
On the Microsoft Account Security Basics page, find the Advanced Security Solutions section and click Get Started. This takes you to the not-so-basic security page of Microsoft Account. (To go directly there, bookmark this address: https://account.live.com/proof/manage/extra.)
Scroll down the page and find the Recovery Code section. Click Create a New Code to view a dialog box such as the one seen here.
Print the recovery code and file it in the same locked or secure file cabinet where the password is kept.
(Microsoft lets you keep only one recovery code for a Microsoft Account at a time. Generating a new code invalidates the existing code.)
Two-Step Verification Adds Another Layer of Defence
Don't leave the Microsoft Account security page just yet. Instead, scroll to the two-step verification section and check that this feature is turned on.
The setup process is a fairly simple wizard that confirms that you can receive verification messages. If you are using a recent smartphone with an up-to-date iOS or Android version, you can safely ignore the prompt to create an app password for the mail client on such phones.
Use this dialog box to add secure verification options to your account.
Additional Email Address for Security
Microsoft advises that you have at least two forms of verification available in addition to your password. When two-step verification is enabled and you need to reset your password, all of them must be supplied; otherwise you are in danger of being permanently locked out.
A free email address, such as a Gmail account, is acceptable if your security requirements are modest, but a business email address is much better. You can have a verification code sent to that address if necessary.
Go to the Microsoft Account advanced security page (https://account.live.com/proofs/Manage/additional) and click Add New Way To Sign In or Verify.
Pick the Email A Code option, enter your email address, and then enter the code you receive to confirm this verification option.
Grab Microsoft Authenticator App
Smartphone apps that generate time-based one-time password (TOTP) codes are becoming increasingly common in multi-factor authentication, and I highly recommend the Microsoft Authenticator app to maximise your account protection.
Even if you use another authenticator app for most of your services, I prefer using Microsoft Authenticator with your Microsoft account. In this setup, any sign-in attempt that requires verification sends a push notification to your smartphone. Approve the request and you're done.
An extra advantage is that you can use the Microsoft Authenticator app for both passwordless sign-in and verification.
To set up Microsoft Authenticator for your Microsoft account, go to the Microsoft Account advanced security page and click Add New Way To Sign In or Verify. Choose the Use an App option and, after downloading the Microsoft Authenticator app, sign in with your account credentials.