For my Friends and Family: You have no excuse not to secure your Microsoft Accounts with Multi-Factor Authentication

I am always begging my close friends and family, many who are not all that technical, to follow basic tenants for securing their digital worlds. From changing their passwords on a regular basis (even having them schedule it to coincide with Daylight Savings Time/Standard Time conversions a la “smoke detector battery changes) to keeping their operating systems and anti-virus software up to date, I warn them that risks are not just for enterprises and governments. In fact, in the past six months, the following has happened to me:

• A good friend of my mother (a female) begins sending me Webcam spam from her Skype account.
• An old high school friend (another female) begin sending out large organ pics (male) to everyone on their Facebook friends list.
• My sister got hit with some serious ransomware. All of her pictures are encrypted with a $500 dollar ransom. She’s still running Windows XP.

Given that my primary accounts for personal use involve Microsoft services and accounts – and I work for Microsoft, I feel compelled to evangelize the fact that all of your Microsoft online accounts (Hotmail, Live, Outlook.com, Office365) can be protected via multi-factor authentication.

 

What is Multifactor Authentication? It is simply a method of authentication that involves at least two disparate factors for authentication. In most cases, single factor authentication involves a simple password for verification of identity. This is the oldest and one of the most archaic and insecure methods of verifying identity. When you enable multifactor authentication, even after submitting a correct password, additional steps are taken to verify you are who you say you are. You may have to do this when you sign on to a web site from an unknown or previous unknown location. In some cases, you may have to answer additional security questions (not the best additional factor but indeed and additional factor) or enter a text code sent to your mobile phone (much more secure secondary factor.)

 

In the case of Microsoft account, the following FAQ answers your questions about the options available

http://windows.microsoft.com/en-us/windows/two-step-verification-faq

If you want to enable multifactor authentication, you can do so under your account profile here:

https://account.live.com/proofs/Manage

If you are accessing Hotmail, Live, Outlook.com from Outlook 2010, 2013, 2016, you will need to set up app passwords (app-specific passwords) after you enable two-step/multifactor authentication

http://windows.microsoft.com/en-us/windows/app-passwords-two-step-verification

An excellent post on Channel 9 along the same lines:

https://channel9.msdn.com/posts/Multi-Factor-Account-Setup

The Authenticator App for Windows Phone gives you codes to use: 

https://www.microsoft.com/en-US/store/apps/Authenticator/9WZDNCRFJ3RJ

This blog post walks you through the process: 

http://blogs.technet.com/b/mspfe/archive/2013/10/02/how-to-use-the-microsoft-authenticator-app-for-windows-phone-to-enable-two-factor-authentication-on-facebook.aspx

https://support.office.com/en-us/article/Set-up-multi-factor-authentication-for-Office-365-8f0454b2-f51a-4d9c-bcde-2c48e41621c6

If you are using an Android phone, the Microsoft Account app will also allow for verification through a one-touch app.

https://play.google.com/store/apps/details?id=com.microsoft.msa.authenticator 

FAQ on additional identity apps verification

http://windows.microsoft.com/en-US/Windows/identity-verification-apps-faq

 

Farewell to Zune

As I write this, within a few hours, the Zune Service is expected to end per earlier announcements. What exactly will happen with the functionality of the Zune 4.8 software, will be only that limited functionality will remain.

I am sad. I loved the Zune player – especially the ZuneHD. I still use the ZuneHD rather than the phone because of the storage space, and the fact that battery consumption is way better on the ZuneHD player than any phone I have used or seen.

It is likely that download subscription content will start to fail at some point once media usage rights need to be re-queried. All other DRM-free MP3/WMA media should still play as expected. I imagine that the device sync will still work as well. I had the pleasure of keeping the 10-song-a-month feature thanks to the grandfather policy. Since this will be ending, I made sure to use my song credits this last time. The songs I chose were:

• Lou Reed – What’s Good
• Roxy Music – Avalon
• Wendy Bagwell – Here Come the Rattlesnakes
• Warren Zevon – Boom-Boom Mancini
• The Cramps – I was a Teenage Werewolf
• Blondie – X-Offender
• Tom Petty – Straight Into Darkness
• Deep Purple – Hush
• Deep Purple – Smoke on the Water
• Deep Purple – Highway Star

(Yes, I have an eclectic variety of tastes)

So What Happens Next?

Per the following KB article: https://support.microsoft.com/en-us/kb/3096659

Existing Zune Services will be converted to Groove Music (formerly XBOX Music) – not to be confused with that other software Microsoft acquired over a decade ago. I’ll be trying to use my ZuneHD with this service.

I used every Zune device that was released and still have them – including the original Zune30 from 2006. I am somewhat sad.