As Windows 10 becomes more and more personalized for each user, Microsoft Account (MSA) is now a very important component in the system. By default, a lot of things are set to backup and store in your MSA including settings references, themes, and passwords. Even your Windows activation information is lied in MSA so you can easily activate Windows in case of reinstalling. This makes losing your MSA a nightmare and the attacker can do great harm to you with all the information stored in the MSA. To prevent this, there are many things you can do, one of them is enable two-step verification for the account.
What is two-step verification?
Two-step verification has been popular in recent years as an effective way to protect an account from unauthorized access. To explain it, think of your password as the first step in verification process when you logging in. Next, you will need to provide a security code that uniquely generated for your account. This code need to be created on another device via an app or sent to you via e-mail and text message. The code will expire after a while too. So even someone has your password, they will also need a code to successfully log into your account when two-step verification enabled.
How to enable two-step verification for your Microsoft Account
- Go to http://account.microsoft.com/privacy 
- Select “More security settings” in Account Security section
- Select “Set-up two-step verification” in Two-step Verification section
- Now follow the on-screen instruction. It’ll ask you to select to receive a code via a phone app, text message or e-mail. In my experience, phone app is the best option because it’s very fast to obtain a code when you need.
- Follow the instruction both on the website and your phone app and you’re done.
While choosing to get a code via an app, you’ll see that on iPhone and Android, it uses a Google Authenticator app to generate the code. Why on Earth Microsoft uses a Google app for their stuff? It’s because this method of two-step verification is a universal thing. These giants agree to share a secret algorithm that generates a code based on many things that uniquely tied to the account. One of these thing is the time at which the code is created. That means you always get a different code after a few moments. Once you have a code, it will expire soon if you don’t use it.
When you had everything done, using the thing is pretty straight forward. So anytime you login for an unrecognized device, the webpage will ask for a security code. Just open the app on your phone (or use whatever method you chose to obtain the code) and enter the code. There’s a box you can check to make the webpage remember you so next time you login on this same computer, there’s no need for a code.
And that is it about two-step verification. It definitely gives you an extra layer of protection. Hope your MSA is safe and sound now.