For many years, the standard combination of a username/email address and password felt like enough security for all of our accounts. Unfortunately, online threats evolve at the same pace as new technology, which means we now need another layer of security. That’s why so many people are looking into how to set up two-factor authentication for their devices and services.
While multi-factor authentication involves more steps than simply entering a password, additional security doesn’t need to come at the expense of convenience. In fact, many multi-factor setups are increasingly easy to use thanks to streamlined log-ins and processes.
In this article, we’ll explain how to set up two-factor authentication on your own devices and why it’s crucial to start using it today.
Why do you want two-factor authentication?
Two-factor authentication – also referred to as 2FA or 2-factor authentication – is a security protocol that involves two key inputs. Those two formats, or “factors,” depend on the configuration. A viable 2-step verification system may be as simple as a password and username combination.
The big advantage of 2FA is simplicity. With extra authentication features, there’s less pressure placed on each security layer. Plus, when you can store part of a 2FA configuration locally on your device, you’re better secured against online threats.
How to enable 2FA with your Microsoft account
Setting up 2FA for your Microsoft account is simple. You just need to set up an authenticator app on your smartphone. The app serves as the second “factor” in the login process.
Follow these steps to enable 2FA:
Log into your Microsoft account
You will need to choose where you prefer to receive a security verification code, either email or phone
Copy and enter your code when prompted
Go to the “Security” tab at the top of your main profile page
Scroll down to “Advanced security options” and click “Get started”
Scroll down to the “Additional security” heading and find the “Two-step verification” tab. This will display and allow you to toggle the current setting, “On” or “Off”
Click “Turn on”
Read Microsoft’s pre-setup guide and click “Next” when ready
Follow the “Get it now” link to install the Microsoft authenticator app, or click “set up a different Authenticator app” to connect to a different app
Log in using the app to configure your additional security steps
Microsoft encourages users to add multiple backup emails and contact information. This extra step is a big help if you lose your security information. Without it, Microsoft warns that you can permanently lose your account.
For more information on how to use 2FA effectively with your account, like resetting passwords and how to set up app passwords, check out Microsoft’s support guide.
How to turn off two factor-authentication in Microsoft
Deactivation doesn’t require you to reconfigure your security settings, which makes it very easy to turn off 2FA.
Repeat steps 1 through 6 from the above list
This time, select “Turn off" under the “Two-step verification” tab
Remove the authenticator app from your smartphone
Consider updating or strengthening your existing password to better protect your accounts
While it may be easy to opt out for now, 2FA is fast becoming the standard for digital security. From your bank accounts to your Facebook account, chances are you’ll need to add an additional authentication factor soon. It’s the rule in most critical infrastructure and industries, and many services are requiring it.
Get a handle on your security and 2FA with Windows Hello
For Microsoft users, Windows Hello is a great catch-all option for managing compatible devices through multi-factor authentication and biometric security features. Improved security aside, Windows Hello helps you consolidate your login routine into a simplified 2FA that will streamline how you interact with your devices.
Windows Hello’s authentication options
Windows Hello helps implement multi-factor logins and new advances in biometric authentication, and it provides 3 secure ways to access your Windows devices. Its biggest advantage? It lets you avoid complex passwords and procedures. Instead, the entire process is fast and secure.
Here are the 3 available methods in place:
Windows Hello PIN: With this method, you create a four-character PIN to access Windows devices. It’s more secure than a typical password because it only exists on that device. It’s not stored or transmitted anywhere else.
Windows Hello Face: This facial recognition method uses near-infrared imaging to provide detailed and reliable facial scanning on devices with a built-in webcam.
Windows Hello Fingerprint: This method uses stored fingerprint data for authentication. It’s typically done through a reader near your keyboard, but you can also do it through an external fingerprint reader.
Add a new step to your authentication
Windows Hello is based entirely on your existing technology, so there’s no need to download an additional app to use it. However, you will need to configure whichever authentication method you want to use.
Here’s how to get started:
Click the Windows icon at the lower left of your desktop
Click the gear-shaped icon to open your Settings window
Click the Accounts tab
Select “Sign-in options” from the left sidebar
This is where you’ll find all of your sign-in options, including Windows Hello Face, Windows Hello Fingerprint, and Windows Hello PIN
How to turn off two-factor authentication in Windows Hello
You don’t need to reconfigure any security settings to deactivate 2FA, making the process much easier to do. Just follow these steps:
Repeat steps 1 through 4 from the above
Click “Remove” under whichever authentication feature you want to deactivate
Follow the prompts and confirm your password
That’s it! If you choose to stop using a particular feature, we suggest using a stronger password to maintain security. Or activate a different authentication factor to preserve two-step authentication.
What other services offer two-step verification?
You can find 2FA available through many online services and consumer hardware. It’s also a policy at most businesses and institutions. The more important the service, the more likely you already encountered some form of 2FA.
Two-factor or multi-factor authentication comes in a variety of types, though most systems centre on these 3 factors:
Something you know: A password or pin. Ideal for streamlining access
Something you have: A security pass or USB key. Great if you want even more protection, or prefer to avoid biometric features
Something about you: Biometric factors like fingerprint scanning and facial recognition
Does two-factor authentication really do more to protect you?
We’ve talked a lot about two-factor authentication and how it’s becoming the standard for security, but what does it actually do for you?
1. Improves login security
Users are the primary beneficiaries of 2FA, because multi-factor offers better overall security for whoever uses it. The next generation of threats is already here, and authentication systems are constantly improving to fight back.
The security advantage doesn’t require biometrics, either. In addition to PINs and security keys, you can find 2-step verification apps that use a one-time access code. You’ll generate a code from your authentication app and use it to access your online accounts or services.
2. Helps streamline your overall login routine
2FA is much more convenient than the traditional login process. Conventional wisdom means you’ll use a complicated password, otherwise it’s too susceptible to hackers. Even though multi-factor authentication adds a second step, each step is actually easier.
Stop trying to remember a long string of random characters – or writing it down somewhere for safe-keeping. Fingerprint readers and retina scanners are both speedy and reliable, and neither requires you to remember a thing. Even PINs are better, because you only need to recall 4 characters.
Even if you don’t use biometric features, authenticator apps provide more security and convenience. For example, they don’t send you backup codes or a link in a text message, because they store everything in one place. They also keep things local, which means you’re less exposed to online attacks.
3. Reduces impact from attacks and troubleshooting
This is one of the most important advantages for business owners and project managers. Whether you manage a large team or a few employees, you want to avoid slowing down your workflow. And if your business runs on technology, you may face significant downtime in the case of an attack or compromised information.
Multi-factor authentication delivers an extra layer of security across your business and your workforce.
Preparing for a multi-factor future
Multi-factor authentication is the new standard for security. That’s why knowing how to set up two-factor authentication is more relevant than ever. Fortunately, it’s easy to set up, and most providers make the process as simple as possible.
In fact, many of us already use a 2FA setup without knowing it. For example, if you try to log into your bank account from a new device, you may receive a PIN to confirm it’s actually you. What’s stopping you from using that same level of security with your own devices and logins? 2FA is here to stay, so it’s best to start using it now.
About the Author: Dwight Pavlovic is a contributing writer for HP Tech Takes. Dwight is a music and technology writer based out of West Virginia.
Prices, specifications, availability and terms of offers may change without notice. Price protection, price matching or price guarantees do not apply to Intra-day, Daily Deals or limited-time promotions. Quantity limits may apply to orders, including orders for discounted and promotional items. Despite our best efforts, a small number of items may contain pricing, typography, or photography errors. Correct prices and promotions are validated at the time your order is placed. These terms apply only to products sold by HP.com; reseller offers may vary. Items sold by HP.com are not for immediate resale. Orders that do not comply with HP.com terms, conditions, and limitations may be cancelled. Contract and volume customers not eligible.
HP’s MSRP is subject to discount. HP’s MSRP price is shown as either a stand-alone price or as a strike-through price with a discounted or promotional price also listed. Discounted or promotional pricing is indicated by the presence of an additional higher MSRP strike-through price
The following applies to HP systems with Intel 6th Gen and other future-generation processors on systems shipping with Windows 7, Windows 8, Windows 8.1 or Windows 10 Pro systems downgraded to Windows 7 Professional, Windows 8 Pro, or Windows 8.1: This version of Windows running with the processor or chipsets used in this system has limited support from Microsoft. For more information about Microsoft’s support, please see Microsoft’s Support Lifecycle FAQ at https://support.microsoft.com/lifecycle
Ultrabook, Celeron, Celeron Inside, Core Inside, Intel, Intel Logo, Intel Atom, Intel Atom Inside, Intel Core, Intel Inside, Intel Inside Logo, Intel vPro, Itanium, Itanium Inside, Pentium, Pentium Inside, vPro Inside, Xeon, Xeon Phi, Xeon Inside, and Intel Optane are trademarks of Intel Corporation or its subsidiaries in the U.S. and/or other countries.
In-home warranty is available only on select customizable HP desktop PCs. Need for in-home service is determined by HP support representative. Customer may be required to run system self-test programs or correct reported faults by following advice given over phone. On-site services provided only if issue can't be corrected remotely. Service not available holidays and weekends.
Microsoft Windows 10: Not all features are available in all editions or versions of Windows 10. Systems may require upgraded and/or separately purchased hardware, drivers, software or BIOS update to take full advantage of Windows 10 functionality. Windows 10 is automatically updated, which is always enabled. ISP fees may apply and additional requirements may apply over time for updates. See http://www.microsoft.com.