How to Turn off Two-Step Authentication for

Simplify the login process on your trusted devices

Key, silhouette, on binary code
Gaetan Charbonneau / Getty Images

Two-step authentication -- a strong password in combination with a code received from your phone or another device for each login -- is a smart and powerful way to keep your account safe. It is also a way that makes accessing the emails in it a bit more cumbersome.

For devices you keep around and only use yourself, you can just about eliminate the hassle while requiring two-step authentication everywhere else. On trusted devices' browsers, you log in with your password and separate code one time, but after that, the password alone suffices.

However, you can revoke this easy access at any time from any browser, which becomes important when a device is lost.

Turn Off Two-Step Authentication for in a Specific Browser

To set up a browser on a computer or mobile device not to require two-step authentication every time you access

  1. Log in to as usual and click your name or icon in the toolbar at the top of the screen. 

  2. Select Sign out from the menu that appears.

  3. Go to in the browser you want to authorize not to require a two-step authentication.

  4. Type your email address (or an alias for it) under Microsoft account in the field provided.

  5. Enter your password in the Password field.

  6. Optionally, check Keep me signed in. Two-step authentication is waived for the browser with whether or not Keep me signed in is checked.

  7. Click Sign in or press Enter.

  8. Type the two-step authentication code you receive by email, text message, or phone call or that is generated in an authenticator app under Help us protect your account.

  9. Check I sign in frequently on this device. Don't ask me for a code.

  10. Click Submit.

In the future, neither you nor anyone else who uses the browser on that computer or device will have to sign in using two-step authentication as long as or another Microsoft site that requires a login with your account is opened at least once every 60 days.

If a device is lost or you suspect somebody might have access to a browser set up not to require two-step authentication, revoke all privileges granted to trusted browsers and devices.