If you want to enhance the security on your Microsoft account, enabling two-step verification is the best place to start. It protects against unauthorised logins by adding an extra layer of required authentication on top of your password in the form of a code sent to your mobile, app or email.
How to turn on/off two-step verification
• Head over to Security settings page and sign in with your Microsoft account details
• Go to Two-step verification then choose 'Set up two-step verification' to turn it on. You can choose 'Turn off two-step verification' to disable the feature
• Follow the on-screen prompts to complete the process.
The benefit of two-step verification is that even if someone manages to get hold of your login password, it doesn't mean they can access your account as they would still need to input the code only the account owner has been sent. This will ensure your Skype, OneDrive, and Outlook accounts will be bolstered.
Two-step verification can be set up with an alternative email address, phone number or authenticator app. Microsoft will send you a security code to enter on the sign-in page, every time you sign in on a new device or from a new location.
When two-step verification is enabled, you will get a security code to the given email address, phone or authenticator app. If the feature is turned off, you will have to verify your identity with security codes periodically, when there is risk to your account security.
Microsoft's support website notes that when you turn on this feature, you will always need two forms of identification to login. If you forget your password for instance, you will need two other contact methods to gain access. If you lose a contact method, the password will not be enough to log into your account. Hence, it is advisable to keep three pieces of security information (i.e a mobile number, alternative email address and authenticator app) registered to your account.