How-To

How to Enable Two-Step Verification (2SV) on Your Microsoft Account

By Brian Burgess

Updated April 1, 2024

Setting up Two-Factor Authentication for your Microsoft account adds a second layer of security for all of your Microsoft services.

If you want to ensure your online accounts you need to enable Two-Factor Authentication (2fa) — i.e., Multi-Factor Authentication (MFA), or as Microsoft (and other online companies) refer to at Two-Step Verification (2SV).

Even if yo use strong and unique passwords for each site, and never use the same password twice, the extra factor of authentication 2fa provides makes it incredibly difficult for a bad actor to hack your account.

Once enabled, 2SV protects all your Microsoft accounts including Outlook, OneDrive, Microsoft 365, Office Online, Xbox — everything tied to your Microsoft account. The extra layer of security will be added everywhere you use your Microsoft account to log in.

Set Up Microsoft Two-Step Verification

You can enable Two-Step Verification (2SV) to your Microsoft account by using the following steps.

1. First, log in to your Microsoft Account at https://account.live.com/proofs/Manage. Scroll down the page to the Additional security section and click the Turn on Link under Two-step verification.
2. On the next page, Microsoft will explain a bit more about 2SV. You’ll need up-to-date security info, an authenticator app, and that you’ll get recovery codes. When you’re ready, click Next.
3. Next, you will be offered to get the Microsoft Authenticator app. If you want to use it click the Get it Now button. But if you want to use a different authenticator app like Google Authenticator or Authy, you can. Just click the “set up a different Authenticator app” link.
4. After you have your authenticator app installed on your phone and ready, scan the QR code on the following page. Then type in the six-digit code the authenticator app generates and click Next.
5. Now two-step verification is turned on. Make sure to write down or print the recovery code it shows on the screen. This will allow you to get into your account in the event you lose your phone or the authenticator app isn’t working. Click Next.
6. The next page will be about Windows Phone. Since that device never caught on and is no longer supported anyway, you can just skip this screen by clicking Next.
7. Now you will get a message about app passwords for certain apps. These apps and devices that are old and some no longer supported — click Finish.

Feature Verification

Once you follow the above steps, you will be brought to the Microsoft Security page. Review your personal information and change it if it’s out-of-date. You will also see that two-step verification is now turned on and enabled. You will also receive an email from Microsoft confirming you turned on 2SV.

Log in Using Two-Step Verification on Microsoft

The next time you log into your Microsoft account you will first need to enter your email and password. Then, as the extra step, you’ll be asked to enter the six-digit code generated by your authenticator app for your account and click Verify.

You can also check the box to not have it ask for a code again. However, you don’t want to check that box if it’s a shared computer.

We’d be remiss if we didn’t mention the new sign in secuirity option called Passkeys. A passkey provides a strong encryption layer to your online accounts and is easier to use than 2SV or 2fa. The cool thing about it is it takes steps away from the 2SV process and is a password-less sign in experience.

Unfortunately, not all online services offer passkeys yet — but Microsoft does. For more, check out how to enable passkeys on your Microsoft account.

Even if you do enable passkeys, it’s important that you add the extra layer of security that 2fa provides on all of your online accounts. The more layers of security you have, the more secure your accounts are. While 2SV may seem inconvenient, remember that convenience is the enemy of securiy!