How to Set Up Two-Factor Authentication
For many years, the standard combination of a username/email address and password felt like enough security for all of our accounts. Unfortunately, online threats evolve at the same pace as new technology, which means we now need another layer of security. That’s why so many people are looking into how to set up two-factor authentication for their devices and services.
While multi-factor authentication involves more steps than simply entering a password, additional security doesn’t need to come at the expense of convenience. In fact, many multi-factor setups are increasingly easy to use thanks to streamlined log-ins and processes.
In this article, we’ll explain how to set up two-factor authentication on your own devices and why it’s crucial to start using it today.
Why do you want two-factor authentication?
Two-factor authentication – also referred to as 2FA or 2-factor authentication – is a security protocol that involves two key inputs. Those two formats, or “factors,” depend on the configuration. A viable 2-step verification system may be as simple as a password and username combination.
The big advantage of 2FA is simplicity. With extra authentication features, there’s less pressure placed on each security layer. Plus, when you can store part of a 2FA configuration locally on your device, you’re better secured against online threats.
How to enable 2FA with your Microsoft account
Setting up 2FA for your Microsoft account is simple. You just need to set up an authenticator app on your smartphone. The app serves as the second “factor” in the login process.
Follow these steps to enable 2FA:
- Log into your Microsoft account
- You will need to choose where you prefer to receive a security verification code, either email or phone
- Copy and enter your code when prompted
- Go to the “Security” tab at the top of your main profile page
- Scroll down to “Advanced security options” and click “Get started”
- Scroll down to the “Additional security” heading and find the “Two-step verification” tab. This will display and allow you to toggle the current setting, “On” or “Off”
- Click “Turn on”
- Read Microsoft’s pre-setup guide and click “Next” when ready
- Follow the “Get it now” link to install the Microsoft authenticator app, or click “set up a different Authenticator app” to connect to a different app
- Log in using the app to configure your additional security steps
Microsoft encourages users to add multiple backup emails and contact information. This extra step is a big help if you lose your security information. Without it, Microsoft warns that you can permanently lose your account.
For more information on how to use 2FA effectively with your account, like resetting passwords and how to set up app passwords, check out Microsoft’s support guide.
How to turn off two factor-authentication in Microsoft
Deactivation doesn’t require you to reconfigure your security settings, which makes it very easy to turn off 2FA.
- Repeat steps 1 through 6 from the above list
- This time, select “Turn off" under the “Two-step verification” tab
- Remove the authenticator app from your smartphone
- Consider updating or strengthening your existing password to better protect your accounts
While it may be easy to opt out for now, 2FA is fast becoming the standard for digital security. From your bank accounts to your Facebook account, chances are you’ll need to add an additional authentication factor soon. It’s the rule in most critical infrastructure and industries, and many services are requiring it.
Get a handle on your security and 2FA with Windows Hello
For Microsoft users, Windows Hello is a great catch-all option for managing compatible devices through multi-factor authentication and biometric security features. Improved security aside, Windows Hello helps you consolidate your login routine into a simplified 2FA that will streamline how you interact with your devices.
Windows Hello’s authentication options
Windows Hello helps implement multi-factor logins and new advances in biometric authentication, and it provides 3 secure ways to access your Windows devices. Its biggest advantage? It lets you avoid complex passwords and procedures. Instead, the entire process is fast and secure.
Here are the 3 available methods in place:
- Windows Hello PIN: With this method, you create a four-character PIN to access Windows devices. It’s more secure than a typical password because it only exists on that device. It’s not stored or transmitted anywhere else.
- Windows Hello Face: This facial recognition method uses near-infrared imaging to provide detailed and reliable facial scanning on devices with a built-in webcam.
- Windows Hello Fingerprint: This method uses stored fingerprint data for authentication. It’s typically done through a reader near your keyboard, but you can also do it through an external fingerprint reader.
Want to learn more about Windows Hello and biometric security? Read our article, What Is Windows Hello? Microsoft’s Biometric Authentication.
Add a new step to your authentication
Windows Hello is based entirely on your existing technology, so there’s no need to download an additional app to use it. However, you will need to configure whichever authentication method you want to use.
Here’s how to get started:
- Click the Windows icon at the lower left of your desktop
- Click the gear-shaped icon to open your Settings window
- Click the Accounts tab
- Select “Sign-in options” from the left sidebar
- This is where you’ll find all of your sign-in options, including Windows Hello Face, Windows Hello Fingerprint, and Windows Hello PIN
How to turn off two-factor authentication in Windows Hello
You don’t need to reconfigure any security settings to deactivate 2FA, making the process much easier to do. Just follow these steps:
- Repeat steps 1 through 4 from the above
- Click “Remove” under whichever authentication feature you want to deactivate
- Follow the prompts and confirm your password
That’s it! If you choose to stop using a particular feature, we suggest using a stronger password to maintain security. Or activate a different authentication factor to preserve two-step authentication.
What other services offer two-step verification?
You can find 2FA available through many online services and consumer hardware. It’s also a policy at most businesses and institutions. The more important the service, the more likely you already encountered some form of 2FA.
Two-factor or multi-factor authentication comes in a variety of types, though most systems center on these 3 factors:
- Something you know: A password or pin. Ideal for streamlining access
- Something you have: A security pass or USB key. Great if you want even more protection, or prefer to avoid biometric features
- Something about you: Biometric factors like fingerprint scanning and facial recognition
Does two-factor authentication really do more to protect you?
We’ve talked a lot about two-factor authentication and how it’s becoming the standard for security, but what does it actually do for you?
1. Improves login security
Users are the primary beneficiaries of 2FA, because multi-factor offers better overall security for whoever uses it. The next generation of threats is already here, and authentication systems are constantly improving to fight back.
The security advantage doesn’t require biometrics, either. In addition to PINs and security keys, you can find 2-step verification apps that use a one-time access code. You’ll generate a code from your authentication app and use it to access your online accounts or services.
2. Helps streamline your overall login routine
2FA is much more convenient than the traditional login process. Conventional wisdom means you’ll use a complicated password, otherwise it’s too susceptible to hackers. Even though multi-factor authentication adds a second step, each step is actually easier.
Stop trying to remember a long string of random characters – or writing it down somewhere for safe-keeping. Fingerprint readers and retina scanners are both speedy and reliable, and neither requires you to remember a thing. Even PINs are better, because you only need to recall 4 characters.
Even if you don’t use biometric features, authenticator apps provide more security and convenience. For example, they don’t send you backup codes or a link in a text message, because they store everything in one place. They also keep things local, which means you’re less exposed to online attacks.
3. Reduces impact from attacks and troubleshooting
This is one of the most important advantages for business owners and project managers. Whether you manage a large team or a few employees, you want to avoid slowing down your workflow. And if your business runs on technology, you may face significant downtime in the case of an attack or compromised information.
Multi-factor authentication delivers an extra layer of security across your business and your workforce.
Preparing for a multi-factor future
Multi-factor authentication is the new standard for security. That’s why knowing how to set up two-factor authentication is more relevant than ever. Fortunately, it’s easy to set up, and most providers make the process as simple as possible.
In fact, many of us already use a 2FA setup without knowing it. For example, if you try to log into your bank account from a new device, you may receive a PIN to confirm it’s actually you. What’s stopping you from using that same level of security with your own devices and logins? 2FA is here to stay, so it’s best to start using it now.
About the Author: Dwight Pavlovic is a contributing writer for HP Tech Takes. Dwight is a music and technology writer based out of West Virginia.
Popular HP Products
