While we would strongly recommend that you update your passwords more than once a year, now is as good a time as any to do so. Reflecting on this, let’s go over how to fully lock down your Microsoft accounts.
We should start with a bit of a warning. In December, a massive cybersecurity attack targeted the US government via (along with other tools) Microsoft Office. As it was revealed, foreign hackers were monitoring the US Treasury Department and the National Telecommunications and Information Administration through their email accounts.
While Microsoft hasn’t identified any specific vulnerabilities within their cloud services or applications (a good sign, for certain), they have shared some practices to help users properly and comprehensively secure their data. These practices are important to keep in mind for both your personal and business accounts.
What is Included in a Microsoft Account?
Your Microsoft account will include many programs under its purview… basically, anything that Microsoft contributes to will be tied to this account, including:
- Windows
- Outlook
- Office
- Skype
- OneDrive
- Xbox Live
- Bing
- Microsoft Store
- MSN
How to Update Your Microsoft Account Password
Microsoft has made the process somewhat simple and straightforward.
- Visit https://account.microsoft.com/
- Click Sign In on the top right if you aren’t already signed in. If you are already signed in, the page will display your name with options about your subscriptions and other services. Once you sign in with your email and password, you’ll be taken to this page.
- Towards the top of the page, on the right-hand side, you’ll see an option that says Change Password. Click it.
- If you have Two-step verification enabled, it will walk you through verifying your account with a text, an email, or using the Microsoft Authenticator app. If you don’t have that set up, don’t worry, we’re going to get you set up after you change your password.
- Once prompted, enter your current password, and then come up with a brand-new password.
An important consideration: You need to make sure that every password you create abides by certain best practices, like not being used for more than one account and involving no personal details or identifiable information. If pressed, select four random and unrelated words, switch up some of the capitalization, and substitute numbers and symbols for some letters—the more complicated, the better.
Helpfully, Microsoft has included a feature that will require a password change every 72 days. While this sounds like a pain to deal with, it can help reduce the chance of your password being breached and therefore can keep your account more secure.
Additional Security Features
While we’re changing your password, let’s go ahead and add another layer to your security in the form of Two-Step Verification. Setting this up will require you to provide proof of your authenticity beyond just having the right username and password. Work accounts may need administrator permissions to activate it, but it is worth doing.
Once you change your password, you should be directed to Microsoft’s account security page, where you will find the option to activate two-step verification. You’ll be walked through the process via on-screen instructions that will tell you how to link an authenticator application on your smartphone (like Google Authenticator, LastPass Authenticator, Duo Mobile, and other examples). If you don’t have one, you’ll be instructed how to set up Microsoft Authenticator, or you can opt in to one of these other options.
You’ll be taken through the setup process and asked to verify your contact information.
From that point forward, you’ll need to use your authentication app to log into your Microsoft account on a new device, or anytime you want to make changes like updating your password. You’ll be able to use other programs, like Word or Outlook, as normal. Make sure that you keep an eye on your emails and text messages for any Microsoft may send you.
This process can take mere minutes but deliver lasting benefits to your security. For more assistance with locking down your work accounts, or any other of your IT needs, make sure you reach out to ExcalTech by calling (833) 392-2583.