Windows Security

Secure your Microsoft account with two-factor authentication

Lock down the Microsoft account that backs Windows sign-in, Store, and OneDrive with proper MFA.

10 min read Beginner Updated 9 Jun 2026

Step-by-step guide

Work through each section in order. Stop when your issue is resolved — you do not need every step for every situation.

Warning

Use an administrator account for these steps, and keep a recent backup before making repair or security changes.

1) Enable MFA on account.microsoft.com

  1. Go to Security → Advanced security options.
  2. Turn on Two-step verification.
  3. Add Microsoft Authenticator as the primary method.

2) Add fallback and recovery options

  • Add at least one backup method (SMS or a secondary authenticator).
  • Generate recovery codes and store them offline.

3) Review trusted devices

Remove old sign-ins under Devices, and sign out of sessions you no longer use.
