Apr 17, 2013 8:53 am by Kip Kniskern | 6 comments
As we told you last week, Microsoft is ready to enable 2 step verification for all of its services accessible via “Microsoft account”, as outlined in a new blog post on the Official Microsoft Blog.
We gave you many of the details of the new process in our post last week, including the use of an “Authenticator app”, and that the process will not currently work with “linked accounts” – that is, accounts that you have set up to be able to access under one single Microsoft account login. And in a somewhat related post, also on the Microsoft Official blog, Tim Rains, Director of Trustworthy Computing at Microsoft posted this morning on a new research report showing that 24% of PCs are unprotected by antivirus software, and they are 5.5 times more likely to be infected by viruses.
To get started using 2 step verification when it goes live for you within the next few days, log in https://account.live.com/proofs/Manage:
Over the next couple days we will roll out a major upgrade to Microsoft account, including optional two-step verification to help keep your account more secure.
Microsoft has increasingly focused on delivering connected devices and services that are currently used by more than 700 million people around the world. A Microsoft account is the key that unlocks your experience across these products—from your Windows PC to your Windows Phone, from Xbox to Outlook.com, from SkyDrive and Skype to Office and much more.
Given this critical role for Microsoft account, we remain vigilant in working hard to protect your account, which is why we’re adding an option so you can enable two-step verification to further protect yourself. You should see this option show up in your account in the next few days. You can enable this capability at https://account.live.com/proofs/Manage.
The new 2 step verification will provide an added layer of security for access to Microsoft services, but at this time Microsoft accounts are still hampered by a 16 character limit, something that is proving challenging for Microsoft to change, according to this MIcrosoft Answers post from last October by “Abdon_M”, a Microsoft Forums moderator:
Windows Live ID passwords have always been limited to 16 characters. What has changed is the login page now gives you immediate feedback to ensure you understand your password is not more than 16 characters.
To avoid this error message, do not enter more than 16 characters.
We are working on increasing the maximum password length. Unfortunately, for historical reasons, the password validation logic is decentralized across different products, so it’s a bigger change than it should be and takes longer to get to market.
The answer came as a response to changes to the login screen that prompt you to change your long passwords to something less than 16 characters. Microsoft itself recommends using long passwords (“with 8 characters or more”) in its Safety and Security Center how-to on creating strong passwords.
Still, providing 2 step verification is a plus, and it’s a good reminder to review your online security presence, and perhaps to update those passwords you’ve been using for years while adding in the additional security of 2 step verification. Be safe out there!