Skip to main content

Microsoft bolsters security with two-factor authentication, releases Windows Phone Authenticator app

Microsoft is now rolling out the option to add two-factor authentication across its services.

Microsoft accounts cover all of the firm's services, from Windows PCs and Windows Phones, to, SkyDrive, Skype, and Office.

"Criminals [are] increasingly target[ing] customers online (across all major account systems), and so we constantly update our services to try to stay a step ahead and help keep you safe," Microsoft said in a blog post.

With two-factor authentication, users will be required to enter two passcodes when accessing an account - a normal password and a code sent via text message, for example.

Microsoft already enabled mandatory two-factor authentication for critical activities like editing credit cards and subscriptions on and, or accessing files on a different computer via

With the new update, customers can protect their entire account.

"It's your choice whether you want to enable this, but for those of you that are looking for ways to add additional security to your account, we've worked hard to make set-up really easy," Microsoft said.

To enable, visit It will apply on Windows 8, any web browser, as well as Microsoft apps and services on iOS and Android devices.

There's the option to reduce the number of prompts you receive on often-used or trusted devices; "you use a code sent to a phone or email only once (per web browser per device) and we remember that device in the future." If you don't use the device for 60 days, the code will be reset.

Trusted devices will work across web browsers, not just IE. You can revoke a trusted device in your settings.

"If you have an app or device that doesn't directly support two-step verification (like your Xbox, or setting up email on your smartphone) ... we'll help you set up an app password unique to each application or device," Microsoft said.

For those on Windows Phone, the Redmond-based company released a Microsoft Authenticator app, which will allow for two-step verification when users are offline.

"This is especially helpful if you're on vacation and don't want to pay high roaming fees to receive text messages or phone calls," Microsoft said.

Be warned, though. If you know a password but lose access to the secondary authentication source, Microsoft can only help you after 30 days of inactivity. If you lose both, you're out of luck.

Apple enabled two-factor authentication last month.