Make your Microsoft account more secure

Safeguarding your account is a top priority at Microsoft. You can help protect your Microsoft account by taking a few minutes to learn about account security and following some simple steps:

  • Use a strong password that:

    • Is at least eight characters long.
    • Contains a mix of letters, numbers and symbols.
    • Doesn't contain your username, real name or company name.
    • Doesn't contain a complete word.
    • Is significantly different from previous passwords.
    • Isn't the same password you use on other websites, such as for online banking or other email accounts.

    Change your password

  • Current security info (like an alternate email address or phone number) helps us to verify your identity if you forget your password or if someone else tries to take over your account. We never use this info to spam you or to try to sell you something – promise!

    Manage your security info

    Learn more about security info >

  • The Recent activity page helps you track unusual or suspicious activity. You can see your latest sign-ins and changes to your account. If you see something wrong or unfamiliar, click "This wasn’t me" and we’ll take you through a few steps to change your password and review the security info on your account.

    View your recent activity now

    Learn more about the Recent activity page >

  • Two-step verification boosts account security by making it more difficult for hackers to sign in – even if they know or guess your password.

    If you turn on two-step verification and then try to sign in on a device that we don’t recognise, we’ll ask you for two things:
    • Your password.
    • An extra security code.

    We can send a new security code to your phone or your alternative email address, or you can get one through an authenticator app on your smartphone.

    Turn on two-step verification now

    Learn more about two-step verification >

  • Most service and app providers release security updates that can help protect your devices. These updates help prevent viruses and other malware attacks by closing possible security holes.

    If you’re using Windows, in order to receive these updates automatically, turn on Windows Update.

    Learn more about automatic updates >

  • Don't open email messages from unfamiliar senders or email attachments that you don't recognise. Viruses can be attached to email messages and might spread as soon as you open the attachment. It's best not to open an attachment unless you expected to receive it. You should also be careful when downloading apps or other files from the Internet, and make sure that you recognise the source.

    Learn more about downloading files from the web >

  • Hackers can steal passwords through malware (malicious software) that's been installed on your computer without your knowledge. For example, sometimes malware is maliciously downloaded with something that you do want, like a new screen saver. Take the time to check and clear your computer of viruses or malware before you change your password.

    Is your computer running Windows?
    Great! Windows Defender is free anti-malware software built-in to Windows 8.1 and Windows RT 8.1. It updates automatically through Windows Update. If you're running an earlier version of Windows, you can download and install Microsoft Security Essentials for free.

    After you install an anti-virus program, you should set it to regularly get updates and scan your computer.

    Learn more about removing a virus >