The Microsoft Account log-in system is finally leaving beta testing. The program once turned on for all users will mark the company’s first widespread use of two-factor authentication.
The team at LiveSide recently spotted an authenticator app for Windows Phone. The app was updated on April 4, and accompanying text for the app claims that the Authenticator can be paired with a Microsoft account by scanning a barcode or entering a secret key.
The new URL, which points to Live accounts, does not appear to be setup for two-factor authentication at this time.
The program will work by having the Microsoft app periodically generate a code which can be entered when a user tries to log into their account from untrusted computers and other devices.
Microsoft is hardly the first company to offer this type of two-factor authentication. Google, Apple, Blizzard, and various other providers also offer a rotating code scheme with their two-factor authentication platforms.
The system is not an all-in-one approach for Microsoft. For example, the system will not work with Microsoft Accounts that are linked to others. In some cases, users may need to unlink an account before securing it.
If a device or app does not support Microsoft Accounts, it may be able to use an “app password” that is generated specifically for that log-in. Google uses an app password setup within its own authentication system.
Here is an example of two-factor authentication as used by cloud storage service Dropbox:
In the last several months, the number of hacked accounts has continued to grow. Those breaches have in turn led to the tightening of security. Even with two-factor authentication, the decision to secure accounts in such a way still falls to each individual user. Individuals who do not want to use two-factor authentication are encouraged to use different complex passwords for each of their various accounts.
Will you be turning on Microsoft’s two-factor authentication when it is made available?