Microsoft is updating its cross-platform Microsoft account to add optional two-factor authentication for the entire account, the company announced today.
Because two-step authentication will apply for the entire account once it's enabled, it will secure all services and devices under the Microsoft account umbrella, including Windows PCs, Windows Phone devices, Xbox Live, Skype and Outlook. Two-step verification was previously available only for certain uses of the Microsoft account, such as changing credit cards and subscriptions on the Xbox website.
Two-factor authentication works by requiring you to have not just a set of information like a username and password, but also a device on hand as well. Once you log in, a code will be sent to your phone, for example, and only when you enter that code will you be able to access a service. That way, a hacker would still need a device of yours in addition to your login details in order to get into your account.
A Windows Phone app, Authenticator, is already available for offline two-step verification, and while the company hasn't announced iOS or Android versions, Microsoft accounts will support third-party apps like Google Authenticator. You'll be able to set up two-factor authentication here.