Microsoft Account – Optional Two-Step Verification
April 17, 2013
- Microsoft will begin deploying a new, but optional, verification procedure requiring the user to provide two types of security information prior to accessing their Microsoft account.
- This feature change is optional
- Microsoft accounts provide the ability to configure multiple types of security proofs
- Security proof types previously and currently available are – SMS capable phone number, Alternate E-mail address, Trusted PC, and Secret Question
- Multiple entries (more than one) of specific security proof types can be configured (e.g. two phone numbers, two alternate email address, two Trusted Pcs)
- Enabling two-step verification will ensure Microsoft verifies that at least two pieces of security information are on file for the respective Microsoft Account on the Microsoft servers and /or user provided during verification when signing on.
- Enabling two-step verification will also provide the option to opt-out of providing security codes after an initial two-step verification (per browser per device). Choosing this option will require using the device to sign on to the respective Microsoft account at least once every 60 days.
- Maintaining and updating your account security proofs will be important/necessary for any devices used to access Microsoft account services
- If your security information changes (e.g. Phone, Alternate Email) it should be considered mandatory to update your Microsoft account before wiping/deleting the old information.
April 17, 2013: Original Draft and Publish Date