How to secure your Microsoft account

Hotmail - Outlook.com - Live , its all in this blog !!

Paranoid ? like anything it's a good thing in moderation. This blog will help you secure your free Microsoft email account.


If you ever suspect that your Microsoft account has been compromised there are some very simple steps that you can follow to secure your account and be assured that only you have access.


The first step is to log into your account.

On the top right you see your initials, click into this and select “My Profile”

On the next page click “Security” at the top.

This takes you to a page with four categories that will help to protect your account and privacy.

The first option in the list is Sign-in activity. Sign-in activity shows you recent sign in information for your account, however it's very limited. It will display the operating system used to connect, IP address and approximate location of very recent sign ins. An IP Address is a 32Bit (IPv4) or 128Bit (IPv6) value that computers use to find each other on a network, any network including the Internet. This is limited to the past 30 days so in terms of any kind of forensic value it is unlikely to help you build on any kind of tangible evidence.


If you want to compare the IP Address listed here to your current IP go to:


www.ipchicken.com


This will show you your current IP Address.


The next option under Security is Password security. One of the biggest privacy killers is this. People reuse the same password across multiple online platforms so all you need is one compromise and it cascades into a vortex of pure chaos. Avoid this.


Password security gives you a way to change your password. If you suspect that your account has been hacked then this is the first thing you should do.

Now note the checkbox at the bottom, “Make me change my password every 72 days”. Good security is intrusive and layered. This will make you change your password on a regular basis, be challenged, be secure. It will probably be annoying, it may wind you up but consider doing this. Once you have changed your password only you know it.


Only you know your password ? really? Ever heard of a keylogger?


As the name suggests a keylogger logs what keys you press. There are two types of keylogger, one is a hardware keylogger similar to what Walt connects to Hanks PC in Breaking Bad. The second comes nicely embedded into viruses and malware. No hardware required and it runs silently in the background sending all your keystrokes to the cloud where our black-hat guys can analyse it all and neatly make sense of it. In either case a good Antivirus Solution will see this and protect you from it. Make sure you have a proper Antivirus solution and it is up to date, AV is only as good as its last update. If you have a virus on your computer it may be capturing key strokes. Whatever you use beit MalwareBytes Premium, Kaspersky Internet Security, Eset or whatever make sure your subscription is active and the databases are up to date.


Advanced Security Options is the next tab. This is where we enable Multi Factor Authentication or MFA AKA 2FA

MFA is a method where you use a device like a smartphone as part of the authentication process. When you sign in you enter your username and password, a code is then sent to your phone through SMS or a Push notification is sent to your device which you approved using the Microsoft Authenticator App. The Authenticator App can be downloaded from the App Store or the Google Play Store.

The great thing is that there is yet another layer of security that protects the MFA process. Hopefully your phone will require a pin or biometric authentication so to use this app you need to authenticate to your phone in order to authenticate to your Hotmail.


Once your password is changed and you have MFA enabled it is highly unlikely that anyone will be able to access your private data however conspiracy theorists will disagree with this.


Scroll down the page in the same Advanced security options and look for “Sign me out”

If you click the link Sign me out you will be signed out from any session where you are signed in. If you have used a public computer to check your email as an example or signed in at work then you can click this link to instigate a sign out if you think you may have forgotten to log out. This boots anyone connected out of your account, which they will not be able to reconnect to because you changed your password and enabled MFA.


Password complexity is so important.


How secure is your password? Can it be guessed? As suggested in this blog alreday do you have one password for everything? Consider a passphrase instead of a password. Do not re use the same password. It may be convenient for you but that also makes it convenient for the bad guys.


Google Chrome does a great job in analysing saved password and warning you if any of them have been compromised. The password does not leave your computer however. When a password is reported as compromised it means that it appears in a data breach. Websites get compromised and usernames and passwords fall into the public domain. If this happens Google Chrome will tell you. It may not specifically mean your Facebook or Amazon account has been hacked but it does mean that the password you are using is available through the dark web.

Simple. Just a few steps is all it takes to be secure.


iLogix Computer Solutions are computer repair specialists. We do not just repair hardware we also repair broken operating systems. If your Windows or macOS is not working, you are getting warnings and errors or system crashes please call us on 01252 962898 where we will be more than happy to help you get back in the driving seat.


Virus removal Yateley - Virus removal Camberley - Virus removal Guildford

Virus removal Basingstoke - Virus removal Reading - Windows reload - macOS reload

PC Clean - Mac support Yateley - Mac support Camberley - Mac support Reading - Mac support Guildford - Mac support Basingstoke


I repair therefore I am.


15 views