April 17, 2013
Microsoft To Roll Out Two-Step Verification For Accounts
Michael Harper for redOrbit.com — Your Universe Online
Just as Dropbox, Google and others have done over the last year, Microsoft will now give users the option to turn on two-step verification before signing in to their Accounts. This adds an extra step in the login process to ensure only the right person is signing in and makes it difficult for trespassers to access a user´s important information. Microsoft will begin rolling out this service “over the next couple days” to their more than 700 million global Account holders.
“More than a year ago, we began bringing two-step verification for certain critical activities, like editing credit cards and subscriptions at commerce.microsoft.com and xbox.com, or accessing files on another one of your computers through SkyDrive.com,” reads the introductory blog.
Microsoft notes that two-step verification is now required for these services.
“With this release you can choose to protect your entire account with two-step verification, regardless of what service (or device) you are using with your Microsoft account. It´s your choice whether you want to enable this, but for those of you that are looking for ways to add additional security to your account, we´ve worked hard to make set-up really easy.”
Microsoft´s version of two-step verification will also use an authenticator app that will display the final verification code before logging in. Microsoft says this verification will work across their entire host of services and offerings.
A Microsoft Account user who wants to sign into Outlook.com with two-step verification turned on, for instance, will have to enter their Account name and password first. The user will then receive a notification from their authenticator app on their smartphone with a secret code. This code is the final key to unlock the service. Unless a potential thief has a user´s computer, smartphone and passwords, it´s likely they won´t be able to break into the Account.
Though longer passwords are always more secure than shorter ones, Microsoft has said they have no plans to lift their 16-character limit on these passwords. According to the Associated Press, Microsoft has said that even long passwords, when used for multiple services, can be broken and therefore are insecure.
As it is with any form of security, one must sacrifice convenience for security and vice versa. In other words, turning on the new two-step verification will make it more difficult to access your Account, which could be troublesome for someone who needs constant in and out access. However, this new feature also makes Accounts even more secure. Google and Dropbox began offering this two-step authentication on their services last year to help protect their users´ sensitive information.