Authenticator and a two factor security reminder


Although already covered 18 months ago, when the feature first started rolling out, given the proliferation of hacks, spoofs and other malarkey happening online, I wanted to give a brief Friday shout-out to Microsoft's two factor authentication system and the Authenticator application. If you lost control of your Microsoft account and your Office, OneDrive and Outlook/Live data was open to all, not to mention applications which piggy-backed on all this, wouldn't you be rather screwed? If so, maybe it really is time to bite the bullet and turn on 'two factor'.

Normally two-factor authentication involves a phone call/text/email to verify that you are who you say you are when logging in, but do note that in Microsoft's case there are handy Authenticator applications for each platform. Not least Windows Phone here.

The idea is that, when logging in from a new device, browser or application (each is 'trusted' for up to 60 days), you'll be redirected to a web security form and you can then just type in the numeric code given by the Authenticator application on your chosen mobile device. Each code is valid for 30 seconds and then it refreshes (and the expected code changes at the server to match), so you do have to be relatively quick and distraction-free, but the system does work. And it gives tremendous peace of mind: even if your Microsoft account and password were to be hacked or guessed, there would still be no access to your account without physical possession of your phone too.

As an illustration, here's a brief walkthrough:


Under your account panel on microsoft.com or live.com (etc.), head for 'Manage advanced security'...


Before getting to the 'two factor' enabling, you'll be offered the chance to pair your account with the Authenticator application, so click on 'Set it up now' etc.


A wizard points you in the right direction for a suitable utility - the numeric, time-coded system is an industry standard, so the application doesn't have to come from Microsoft, but hey, why not, it's one less company and developer to trust?


You then install Authenticator on Windows Phone and pair it with the QR code shown. Thereafter, running the app for this named account gives a 30-second valid code which can be input where needed:

Scanning the QR code and generating a numeric access code

The system works well. Windows Phone 8.1 (and onwards) applications hook into the OS's own authentication, but older applications/phones and - of course - third party applications and all apps on other platforms which want access - all need application-specific passwords, which you can set up here. They're a pain to have to input, but it's a one-time thing per app and the peace of mind overall is tremendous.

You can grab the Authenticator app for Windows Phone here.

Source / Credit: Windows Phone Store