Microsoft moves to optional two-factor authentication
In the days to come, users of Outlook.com, Skype and SkyDrive will be given the option of adding a second form of authentication
IDG News Service - Following similar initiatives by Apple, Google and Facebook, Microsoft is enabling two-factor authentication for its Microsoft Account service, the log-on service for many of its online and desktop products.
"With this release you can choose to protect your entire account with two-step verification, regardless of what service (or device) you are using with your Microsoft account," wrote Eric Doerr, Microsoft Account group program manager, in a blog entry announcing the secondary authentication. "It's your choice whether you want to enable this, but for those of you that are looking for ways to add additional security to your account, we've worked hard to make set-up really easy."
With two-factor authentication, a user logging in to a service or device supplies a second piece of information in addition to a password, thus making it impossible for another party to gain illicit access to the user's accounts without all the separate pieces of information. Microsoft is using additional verification methods such as a short code sent to the user's mobile phone, which is then entered in addition to the password, or by asking the user to supply additional information, such as an alternative email address.
Microsoft Account, formerly called Windows Live ID, is a single sign-on Web service to authenticate users of Outlook.com, SkyDrive, Skype, and other Microsoft services. It can also be used as an authentication mechanism for Windows PCs, the Xbox and Microsoft Office. Overall, Microsoft has over 700 million users registered to Microsoft Account.
Users will find instructions on how to add a second form of authentication on the Microsoft Account settings page. The chief form of secondary authentication will be a short code sent to the user's mobile phone, the number of which Microsoft will keep on file, each time the user logs on.
As an alternative to security codes, Microsoft is providing a number of other forms of authentication as well. For smartphones, users can deploy an authenticator app. Microsoft has released an authenticator app for Windows Phones, and third-party authenticator apps can be used for other platforms. For those devices that do not directly support two-factor authentication, such as the Xbox, users can get a secondary password, one unique to each device.
Microsoft can also keep a list of trusted devices designated by the user. With such devices, users enter a security code once and have that device remembered in future visits, eliminating the need to enter the security code for each log in. Microsoft currently offers this capability, but only with Internet Explorer and the use of additional software. Users can manage their list of trusted devices through their account settings page.
Doerr cautioned that, though more secure, two-factor authentication can be more difficult to manage. Losing a security code results in a 30 day wait for a new code. And Microsoft is asking for at least two pieces of information on file, in case one of the pieces is lost or forgotten. And if the user loses both the password and all the security information, he or she will not be able to access the account again.
- Path Selection Infographic Path Selection Infographic
- Hyperconvergence Infographic A wide range of observers agree that data centers are now entering an era of "hyperconvergence" that will raise network traffic levels faster...
- Preparing Your Infrastructure for the Hyperconvergence Era From cloud computing and virtualization to mobility and unified communications, an array of innovative technologies is transforming today's data centers.
- How WAN Optimization Helps Enterprises Reduce Costs If you wanted to break down innovation into a tidy equation, it might go something like this: Technology + Connectivity = Productivity. Productivity...
- Druva inSync: Endpoint Data Protection & Governance CLICK HERE to watch this video about protecting corporate data on laptops and mobile devices, sponsored by Druva.
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources... All Data Security White Papers | Webcasts
Our new weekly Consumerization of IT newsletter covers a wide range of trends including BYOD, smartphones, tablets, MDM, cloud, social and what it all means for IT. Subscribe now and stay up to date!