Like The Herald Business Journal on Facebook!
The Herald of Everett, Washington
Heraldnet.com

The top local business stories in your email

Contact Us:

Josh O'Connor
Publisher
Phone: 425-339-3007
joconnor@heraldnet.com

Jody Knoblich
General Sales Manager
Phone: 425-339-3445
Fax: 425-339-3049
jknoblich@heraldnet.com

Jim Davis
Editor
Phone: 425-339-3097
jdavis@heraldnet.com

Site address:
1800 41st Street, S-300,
Everett, WA 98203

Mailing address:
P.O. Box 930
Everett, WA 98206

HBJ RSS feeds

Microsoft offers security enhancement for sign-ins

SHARE: facebook Twitter icon Linkedin icon Google+ icon Email icon |  PRINTER-FRIENDLY  |  COMMENTS
By Anick Jesdanun
Associated Press
Published:
NEW YORK -- Microsoft is offering enhanced security for its email, storage and other services.
People who turn on the new feature will be asked not just for a username and password, but also a second piece of information, such as a temporary code sent as a text message to a phone on file. Google Inc. and Facebook Inc. already allow two-step verification as an option.
The security enhancements work with all Microsoft accounts, such as email addresses ending in Hotmail.com, MSN.com and Outlook.com. Those accounts unlock a range of Microsoft Corp. products, including email, Skype, SkyDrive storage, Xbox gaming, Office software subscriptions and Windows 8 machines.
Microsoft has no plans, however, to lift its current 16-character limit on passwords. Having a long password is one way to thwart hackers by making it harder to guess. In a statement, Microsoft says passwords are often compromised when people reuse them on multiple sites, respond to scam email messages or use machines that have malicious software. Longer passwords aren't helpful in those situations, the company says.
Two-step verification is one way to improve security without a longer password. Someone able to guess your password would still need physical access to your phone for the second code, for instance.
Microsoft already requires a second code for sensitive activities, such as editing credit card information. The new feature, available in the coming days, will allow people to require that for all tasks.
So if you're logging on from a new personal computer or mobile device, you'll be asked for that second code, sent to a phone number or an alternative email address on file. If you're offline and unable to get that second code, you can generate one using a Microsoft Authenticator app on Windows Phone devices. Those using iPhones or Android devices can install a third-party authenticator app compatible with Microsoft's system.
If you use a particular computer regularly, you can have that device remember that you're legitimate, so you're not asked for the second code again and again. But you may still have to provide one if you are switching Web browsers or if you haven't used that device for 60 days. If you lose a phone, you can revoke access remotely.
While two-step verification makes accounts safer, it requires more work to use and maintain, particularly if you change your phone number or the alternative email address. If you forget to update that information beforehand and you lose access to both, you'll need to go through a recovery process that comes a 30-day waiting period. The waiting period is to ensure that a hacker doesn't try to use it to take over your account.

MORE HBJ HEADLINES

CALENDAR

Share your comments: Log in using your HeraldNet account or your Facebook, Twitter or Disqus profile. Comments that violate the rules are subject to removal. Please see our terms of use. Please note that you must verify your email address for your comments to appear.

You are logged in using your HeraldNet ID. Click here to update your profile. | Log out.

Our new comment system is not supported in IE 7. Please upgrade your browser here.

comments powered by Disqus