updated 10:31 am EDT, Tue April 9, 2013
Microsoft accounts can be linked to Authenticator Windows Phone app
Microsoft is preparing to add a two-factor system for account authentication, according to a report. The new system, aimed at improving account security overall by adding a number-based token to the Microsoft Account log-in system, has reached a point where the company is close to turning it on for all users, though it is not clear when this will be.
An authenticator app for Windows Phone has been spotted by LiveSide, with the app last updated on the 4th of April. The accompanying text claims the Authenticator can be paired with a Microsoft account by scanning a barcode or entering a secret key, but an accompanying URL that points to the Live accounts page is not set up for two-factor authentication set-up as of yet. The app will then generate a code periodically, which can then be entered when the user tries to log into their account for untrusted computers or devices. This same system has been used in other two-factor schemes, such as those employed by Google, Apple, and Blizzard.
While an extra security system will help wary Microsoft customers, it is warned that the system will not work with Microsoft Accounts that are linked to others, and that accounts may need to be unlinked before being secured. Devices and apps that use Microsoft Accounts but cannot support the two-factor system may need something called an "app password," namely a password generated specifically for that log-in. This too has been seen elsewhere, in Google's authentication system.