How to protect your Microsoft account with two-step verification (2SV)

Harden your accounts from hackers.

David bisson
David Bisson

How to protect your Microsoft account with two-step verification (2SV)

Users can do a lot of things these days with a Microsoft account.

They can use it to sign into their OneDrive profile and access their files and photos from anywhere. They can log in to Skype and catch up with their relative who lives overseas or touch base with their project team. They can even authenticate themselves on Xbox and play their favorite video games online.

Given the applicability of a Microsoft account, users should do everything they can to prevent hackers from gaining access to their connected profiles.

Sign up to our free newsletter.
Security news, advice, and tips.

One of the best ways they can do this is by enabling two-step verification (2SV). It’s a feature that (although not quite the same as two-factor authentication (2FA)) adds another step to the login process for a web service.

Here’s how you can enable 2SV on your Microsoft account.

  1. Visit Microsoft’s Security settings page and sign in with your account.
  1. On that page, you’ll see the option of setting up “Two-step verification.” Click on the link “Set up two-step verification.”

Two step verification microsoft

  1. Follow the instructions.

Like many other web services that come with a 2SV option, Microsoft allows users to verify themselves via a code that’s sent to their phone or email address. But Microsoft also comes with something most other web services don’t have: an authenticator app for Android and iOS.

Microsoft authenticator 1

Simply enter in your Microsoft account credentials and hit “OK” when you’re finished. You can then use the app to verify yourself by submitting a verification code generated by the app. Alternatively, you can approve a login request sent directly to your device.


Microsoft Authenticator doesn’t require a mobile connection. That means you can still access your 2SV-protected account even when there’s no available cell service, such as when you’re on a plane or at a remote location.

If you prefer you can use a different authenticator app like Google Authenticator or 2STP to do the same.

And that’s all there is to it!

Now you can rest easy knowing that should anyone ever compromise your Microsoft login details, they shouldn’t be able to steal access to your account.

Read more:

David Bisson is an infosec news junkie and security journalist. He works as Contributing Editor for Graham Cluley Security News and Associate Editor for Tripwire's "The State of Security" blog.

One comment on “How to protect your Microsoft account with two-step verification (2SV)”

  1. Kabir

    I want to use the Authy app but the only option that I see on the Microsoft security page is how to set up Microsoft Authenticator. How do I link my Outlook mail account to Authy?

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.