This article gives an in-depth knowledge of how you can set up two-factor authentication for your Microsoft account and manage it to make it more secure, and how you can recover it if you ever forgot your password.

What is Two-Factor Authentication

Two-factor authentication protects your online account(s) with an additional security layer, which you can bypass. It requires you to pass a verification exam, which only you can do, and only then will it log in to your account. This verification method is accomplished with 2 basic things: a password and something you have (such as your phone). For instance, if you are logging in to your Microsoft account with 2FA enabled, Microsoft will ask you for an additional security response by either sending you a text on your number or an email on your alternative email address with a one-time code or authenticating it through a dedicated app (Microsoft Authenticator) on your phone. Usually, two-factor authentication for a Microsoft account requires two forms of authentication methods. However, it is recommended that you have three (in case you lose one method, like losing your phone). This additional form of authentication is also helpful in recovering your account in case you are locked out or forget your password.

How to Set Up Two-Factor Authentication on Microsoft Account

To configure 2FA for a Microsoft account, you will need an additional verification method to log into your account, other than a password every time. This additional method can be used in the following forms:

A notification through the Authenticator app.A verification code generated through the Authenticator app.A verification code received via text message on your phone number.Verficiation through a phone call.A verification code received via email on an alternative email address.

You can choose which method you would prefer. The method to change your verification preference has been discussed further in this article. Before you can set up two-factor authentication for your Microsoft account, you must first provide details of alternative methods that Microsoft can contact you.

How to Add Security Information for Two-Factor Authentication

If you have not already added a phone number or an alternative email address to your Microsoft account, follow the steps below to do so now: Once done, you will now have both a phone number and an alternative email address to be used for two-factor authentication. Let us now proceed with setting up two-factor authentication.

Turn on Two-Factor Authentication on Microsoft Account

Now that the security information has been added, it is time to complete the process of turning on two-factor authentication. You have now successfully switched on two-factor authentication. If you or anyone else signs in from an unrecognized device, they will be asked to provide a secondary verification mode.

Set Up Microsoft Authenticator

Microsoft Authenticator is an application developed for Android and iOS that can be used for two-factor authentication. Once configured, the app will prompt for verification on your phone. Note that this requires two-factor authentication to be enabled from your Microsoft account as performed above. Perform the steps below on your phone to configure the Microsoft Authenticator: Now when you sign in to your Microsoft account, you will be asked to click on a specific number from the Authenticator app on your phone. If it is you who is logging in, select the corresponding number and click Approve.Click on the corresponding number through Microsoft Authenticator If you have the Authenticator app installed, it automatically gives preferences over other two-factor authentication methods. If you do not have the app with you, click I don’t have access to my Microsoft Authenticator app and proceed to the remaining two-factor authentication methods.

App Password for Two-Factor Authentication

If you have configured two-factor authentication for your Microsoft account, it may be possible that some applications that need to access your account (such as Microsoft Outlook) may no longer be able to do so. In that case, you need to configure an app password, using which the application (outlook, etc.) can communicate with your account.

Set Up App Password for Two-Factor Authentication

Note: Two-factor authentication needs to be enabled to set up an app password. Follow the steps below to generate a password and use it in an application: Once the password has been entered, the app can communicate with your Microsoft account. To learn how to use this password with an app, read this Microsoft guide. Remember that you need to create a new app password for each app since one password cannot be used for more than one app.

Remove App Password for Two-Factor Authentication

If you are no longer using the app with the account with 2FA, here is how you can remove the app passwords: The app passwords will be removed. However, some apps may now become dysfunctional with two-factor authentication enabled.

How to Change Security Information for Two-Factor Authentication

It may be possible that you have changed your phone number, lost your phone, or simply want to change the alternative email you have configured for two-factor authentication on your Microsoft account. In that case, you can add a new phone number or email address using the same method given in “How to Add Security Information for Two-Factor Authentication” above. Once done, you can now safely remove your old information by expanding the relevant option on the Advanced security options page and then clicking Remove. When asked for a confirmation, click Remove again. Your security information will now be removed.

How to Disable Two-Factor Authentication on Microsoft Account

Many users find it frustrating to verify your login via two-factor authentication every time you sign in to a new device. If you believe your account is secure otherwise, you can disable this authentication method using the following steps: Two-factor authentication will now be disabled. However, Microsoft will still use your phone number and alternative email address to send codes when it detects a security risk. Furthermore, if two-factor authentication is disabled, you will also need to remove app passwords from the applications that you previously configured (if any).

Final Thoughts

Two-factor authentication helps you keep your account secure. Anything linked to your Microsoft account will also become more secure if it is enabled. For this reason, we recommend that you enable 2FA on all digital accounts, so that you can make them more secure. Also see:

How to Activate Two Factor Authentication On Your Google AccountHow to Enable Two-Factor Authentication For Facebook, Instagram, WhatsAppHow To Convert Your Gmail Account To Outlook.com Email AccountHow To Create A New Microsoft Account Using Gmail IDHow to Save, Remove, Edit Credit Card information in web browsers