Microsoft plans to introduce an extension that will make the login process for Microsoft accounts more secure.
The method, called “two-step verification,” will require not only a conventional password, but also a code the user gets by text message, email, or from a special app, according to a Microsoft blog post.
The Microsoft Authenticator app uses a standard protocol to create one-time codes that can also work for services like Google and Dropbox. Microsoft does not specify in its announcement what that standard is.
Google introduced two-factor authentication more than two years ago, especially the option to go through the two-step process only once on devices that see use often. And just like Google’s method, there will be application-specific passwords for certain programs and services that don’t support two-factor authentication.
Things could get difficult if users find themselves unable to receive or generate the codes needed for the second step, for example if their smartphone ends up stolen. Without the second code, users will have to wait 30 days before being able to access their account, Microsoft said. In Google’s system, users can generate special backup codes and keep them safe for such cases, a recommended step. Microsoft will most likely also include some kind of backup system at some point. If a user can’t produce either of the two codes, they will simply lose access to their user account, according to the blog post.
According to the announcement, the new option will turn up in the next few days under “Security info” in the settings for each Microsoft account.