How to Protect Your Outlook.com Account with Two-Step Verification

Want to secure your Outlook.com account? Enable 2-step verification

Old key in a rusted door lock

Depositphotos.com/scyther5

by Heinz Tschabitscher
An independent writer who has reviewed hundreds of email programs and services since 1997.
Updated July 01, 2019

To secure your Outlook.com account, start with a strong password. Then, add two-step verification as a second way to log in. When you log in with two-step verification, you'll receive a generated code in a text message to your phone, in an email message, or in an authenticator app. After you set up two-step verification, exempt browsers on devices and computers only you use from the need to enter a code. For the flexibility afforded by POP access and IMAP in email programs, generate app-specific passwords.

Instructions in this article apply to Outlook.com and Outlook Online.

Protect Your Outlook.com Account with Two-Step Verification

To set up two-step verification on your Outlook.com (and Microsoft) account:

  1. Select your name or picture in the upper-right corner of the window.

    Outlook.com inbox.

  2. Select My account.

    Viewing settings in Outlook.com.

  3. If prompted, enter your password and select Sign in.

  4. In the top navigation menu, select Security.

    Advanced settings in Outlook.com.

  5. Select More security options.

    Basic security settings in Outlook.com.

  6. In the Help us protect your account screen, select the What security info would you like to add dropdown arrow and choose either A phone number or An alternate email address.

    Login prompt to add additional security in Outlook.com.

  7. If you selected A phone number, enter your phone number and select either Text or Call. If you selected An alternate email address, enter an email address (not your Outlook.com address).

    Choosing either text or email for security code in Outlook.com.

  8. Select Next.

  9. Enter the code you received, then select Next.

    Dialog awaiting a security code in Outlook.com.

  10. If prompted, enter your password, then select Sign in.

    A dialog box requesting a password in Outlook.com.

  11. In the Two-step verification section, select Set up two-step verification.

    Additional security options in Outlook.com.

  12. Select Next.

    Instruction to set up two step verification in Outlook.com.

  13. Select the Verify my identity with dropdown arrow and choose either An app, A phone number, or An alternate email address.

    Selecting an option to verify identity in Outlook.com.

  14. The rest of the two-step verification process depends on which method you chose in step 13. See the corresponding sections below for instructions for each of these three methods.

Use an App to Receive Outlook.com Sign-In Verification Codes

To verify your identity with the Microsoft Authenticator app:

  1. Select Get it now.

    Choosing to use an app to verify identity in Outlook.com.

  2. In the Microsoft Authenticator web page, select your country, enter the phone number for your smartphone, and select Send Link.

    The Microsoft authentication website in Outlook.com.

  3. When you receive the link on your smartphone, install the app, then sign in to the app.

  4. Tap the plus sign (+) to add your account. Choose either your Personal account, Work or school account, or Other account (Google, Facebook, etc.).

    MS Authenticator setup screenshots on Android.

  5. Sign in with your Outlook.com username and password.

    If prompted, enter the code which was sent in an email or text message.

    Logging into MS Authenticator on Android.

  6. Go back to Outlook.com, then select Next.

    Finish setting up the authentication app for Outlook.com.

  7. Select Finish.

    Microsoft Authenticator is setup with Outlook.com.

  8. Two-step verification is enabled for your Outlook.com email.

Use a Phone Number to Receive Outlook.com Sign-In Verification Codes

To verify your identity with a phone number:

  1. Enter your phone number and select either Text or Call.

    Choosing to verify identity with a phone number in Outlook.com.

  2. After you receive the code on your phone, enter the code, then select Next.

    A prompt to enter in a code that was sent via phone.

  3. You'll receive a confirmation with a recovery code. Print or save this code, then select Next.

    Confirmation that 2 step verification has been turned on in Outlook.com.

  4. Select Next. Or, choose to sync your Outlook.com email on your Android, iPhone, or Blackberry phone.

    Optional additions to setup security on smart phone.

  5. Select Finish.

    Another optional screen to setup password on other Microsoft apps and devices.

Use an Alternate Email Address to Receive Outlook.com Sign-In Verification Codes

To verify your identity with an alternate email address:

  1. Select Next.

    Verifying identity with an alternate email address in Outlook.com.

  2. After you receive the code in an email from Microsoft, enter the code, then select Next.

    Awaiting a code that was sent via email in Outlook.com.

  3. You'll receive a confirmation with a recovery code. Print or save this code, then select Next.

    Confirmation that 2 step verification has been enabled with an alternate email address in Outlook.com.

  4. Select Next. Or, choose to sync your Outlook.com email on your Android, iPhone, or Blackberry phone.

    Optional additions to setup security on smart phone.

  5. Select Finish.

    Another optional screen to setup password on other Microsoft apps and devices.