Microsoft account two-step verificationSource: Windows Central

Your Microsoft account includes support for two-step verification (also known as "two-factor authentication," "2FA," or "multi-factor authentication") to add a second type of verification to increase security, making it harder for malicious individuals to access your information.

In other words, if someone figures out your password, it will be virtually impossible to log into the account because they will also need to provide a second form of authentication that only you can provide.

When using a Microsoft account, you need to use the Microsoft Authenticator app to use two-step verification. After the security feature has been configured, you will only need to confirm the access using your phone to verify you are the person you say you are every time you sign in.

VPN Deals: Lifetime license for $16, monthly plans at $1 & more

In this Windows 10 guide, we will walk you through the steps to configure two-step verification on your Microsoft account to prevent unauthorized access to Outlook, OneDrive, Microsoft 365, Xbox Network, and other Microsoft services.

How to enable two-step verification on Microsoft account

The process to configure the two-step authentication security feature requires that you first add the Microsoft Authenticator app on your phone and then enable the option in the Microsoft account.

Set up Microsoft Authenticator app

The first step to add an extra security layer to your account is to set up the Microsoft Authenticator app on your Android or iOS device. These steps include the details to set up the app on an Android device, but the procedure is similar for iOS devices. (If you already have the app on your phone, you can skip the steps below and continue with the feature setup instructions.)

To configure the Microsoft Authenticator app on Android, use these steps:

  1. Open Google Play Store.
  2. Search for the Microsoft Authenticator app.
  3. Tap the Install button.
  4. Open the app.
  5. Tap the I agree button to continue.
  6. Tap the Sign in with Microsoft button.
  7. Confirm your Microsoft account address.
  8. Click the Next button.
  9. Confirm your account password.
  10. Click the Sign in button.
  11. Select the verification method. For example, secondary email address.
  12. Complete the verification.
  13. Tap the Got it button.

    Microsoft Authenticator appSource: Windows Central

  14. Tap the OK button (if applicable).

Once you complete the steps, a notification will appear on your phone to approve and continue the sign-in automatically when signing into your account.

Set up two-step authentication

The next step is to set up two-step authentication on your Microsoft account. However, before proceeding, it is crucial to have multiple contact information to prevent getting locked out of the account. If you need to update your security information use the steps below then continue setting up the feature.

To enable a more secure verification feature, use these steps:

  1. Open the Microsoft account on the web.
  2. Sign in with your credentials.
  3. Click the Security tab.
  4. Click the Advanced security options tile.

    Advanced security optionsSource: Windows Central

  5. Under the "Additional security" section, click the Turn on option for two-step verification.

    Enable two-step verificationSource: Windows Central

  6. Click the Next button.

    Set up two-step verificationSource: Windows Central

  7. (Optional) If you use the Outlook app on your phone, select the platform, and follow the directions to enable the app to sync your emails with an app password.
  8. Click the Next button again.

    Microsoft account smart phone app passwordSource: Windows Central

  9. Click the Finish button.

    Two-factor authentication app password recommendationsSource: Windows Central

After you complete the steps, when logging in from an unrecognized device, you will receive an alert on your phone to confirm you are the one trying to access the account.

How to add security info for two-step verification

When you enable the two-step verification feature on your Microsoft account, a second form of authentication request will appear every time you sign in. Also, if you forget the password, you will need to have two contact methods to regain access. As a result, before enabling the feature, you have to ensure that you have at least three secondary contacts, which can be a mix of emails or phone numbers.

To add security information to a Microsoft account, use these steps:

  1. Open the Microsoft account on the web.
  2. Sign in with your credentials.
  3. Click the Security tab.
  4. Click the Advanced security options tile.

    Advanced security optionsSource: Windows Central

  5. Under the "Ways to prove who you are" section, click the Add a new way to sign in or verify option.

    Add a new way to sign in or verifySource: Windows Central

  6. Select the verification option — for example, Email a code, but you can choose an app, phone text, Windows Hello, or security key.

    Microsoft account recovery optionsSource: Windows Central

  7. Confirm the alternative email address.

    Add alternative email address to Microsoft accountSource: Windows Central

  8. Click the Next button.
  9. Check the code in the alternative email account.
  10. Confirm the code on the Microsoft account page.
  11. Click the Next button.

Once you complete the steps, as you access the account, you can complete the security code using one of the contact methods on the account.

How to create an app password for two-step verification

Two-step authentication is not supported by all devices and applications, which means that in some cases, you will need to create an app password to access the account.

To create an app password on a Microsoft account, use these steps:

  1. Open the Microsoft account on the web.
  2. Sign in with your credentials.
  3. Click the Security tab.
  4. Click the Advanced security options tile.

    Advanced security optionsSource: Windows Central

  5. Under the "App passwords" section, click the Create a new app password option.

    Create a new app password optionSource: Windows Central

  6. Use the generated password on the app or device that doesn't support a security code.

    Create a new app password optionSource: Windows Central

  7. Click the Done button.

After you complete the steps, the app will be able to access the Microsoft account while two-step verification is enabled.

Delete app passwords

To delete an app password from your Microsoft account, use these steps:

  1. Open the Microsoft account on the web.
  2. Sign in with your credentials.
  3. Click the Security tab.
  4. Click the Advanced security options tile.

    Advanced security optionsSource: Windows Central

  5. Under the "App passwords" section, click the Remove existing app passwords option.

    Microsoft Account remove existing app passwordsSource: Windows Central

  6. Click the Remove button.
  7. Click the OK button.

Once you complete the steps, the existing app passwords will be deleted from the account, revoking app access.

How to disable two-step verification on Microsoft account

In the rare case that this feature is for you, you can disable 2FA to use the less secure one-step verification.

To disable two-step verification, use these steps:

  1. Open the Microsoft account on the web.
  2. Sign in with your credentials.
  3. Click the Security tab.
  4. Click the Advanced security options tile.

    Advanced security optionsSource: Windows Central

  5. Under the "Additional security" section, click the Turn off option.

    Microsoft account two-step verification disable optionSource: Windows Central

  6. Click the Yes button.

After you complete the steps, you will continue to receive security access codes and when the system detects a security risk.

If you are disabling the security feature, you will also have to update the services you have previously configured with an app password to use the traditional authentication method.

More Windows resources

For more helpful articles, coverage, and answers to common questions about Windows 10 and Windows 11, visit the following resources:

We may earn a commission for purchases using our links. Learn more.