Earlier this year, news broke that foreign pirates had secretly beenand communications between US government officials responsible for identifying foreign threats to national security. The attackers executed their intrusion via malicious code into a computer product called , which allowed them to access the network and break into Microsoft’s email client.
Microsoft has published advice on how organizations can strengthen security to try to avoid these attacks, and said it has not identified any vulnerabilities in Microsoft products.
There may not be much you can do about the SolarWinds vulnerability or other similar vulnerabilities. But if you receive your work or personal mail through Outlook on, there are ways to better secure your individual account and prevent hacks. (If you use , there is also to better protect your device – many of which will also be available in the next .)
Here are five ways to lock your Microsoft account.
1. Configure multi-factor authentication
is the best way to protect yourself against the theft of your login credentials, according to the US Cybersecurity and Infrastructure Security Agency. Basically, it adds an extra layer of security to logging into your account – for example, you enter your password with a verification code sent to your phone or provided by an authenticator app.
To set up multi-factor authentication (also known as two-step verification), go to the Security basics page and sign in with your Microsoft account. To select More security options. Under Two-step verification, Choose Set up two-step verification to turn it on and get further instructions.
To set it up for a Microsoft 365 work account, your administrator will need to enable it. Once done, when you log in with your username and password, you will be prompted for more information. Click on Next.
The default authentication method is to use the free Microsoft Authenticator app, which you can download to your mobile device. This app gives you a unique code to enter which expires after a certain time.
Or, if you prefer to receive a code by SMS, you can choose “I want to configure another method”. Microsoft will ask for your mobile number and send you an SMS with a six-digit code to verify your account.
2. Protect your password
Never use the same password for multiple accounts. There are a lot of superavailable to help you keep track of all your passwords, including the . You should also choose a strong password, which avoids using common words and is at least eight characters long. Discover our others .
3. Avoid phishing scams
If you receive an email regarding the security of your Microsoft account, it might be a– a type of attack where hackers pose as a company or person you know to trick you into revealing personal information such as passwords or credit card numbers. These emails often include a link to a malicious website, which you should never click on.
The best way to avoid these emails is to know how to spot them – they can have misspelled words, come from a slightly misspelled source (like microsoftsupport.ru or micros0ft.com), or include an urgent call to take actions or avoid a threat. If anything looks suspicious, simply remove it or report it by forwarding it to the Anti-Phishing Task Force at [email protected]
4. Protect your applications
On your phone or desktop, only install and run apps from legitimate sources, like the app store for your device. If you use Microsoft 365, using Microsoft apps to access these accounts is the safest choice, according to the company. You should also make sure that all apps as well as your operating system are up to date – a lot of the updates you get are security fixes, so make sure you install them quickly.
5. Make it easier to recover your account
You can set up your account to make it easy to recover in case all else fails and you get hacked. To do this, go to the Microsoft Security Basics page and add all the information, such as your email address and phone number. Make sure to keep this information up to date to ensure the security of your account.
For more information, see our, and .