I have just moved to Two-Factor authentication, there was a bit of work to get everything signed in again but the additional security is worth it. I use my Microsoft account as a central hub for everything, it is on all my PCs at home and work, I have a WP8 that I log into with it, I use it to log into Skype. Basically if someone takes it you have access to everything I have. In addition I have lots of photos and file on SkyDrive now and do not feel like having to deal with the issues if that is compromised. The process is fairly easy and I have the simple steps below so if you have a Microsoft Account I would recommend enabling it.
- Install the Authenticator App on your Phone if it is a Windows Phone
- Got to the account page for your account.
- Click on the link to enable two factor authentication (two-step)
- The page will give you a nice bar code that you can scan using the Authenticator application, this makes setup a breeze.
- Not this is done you will need to reset up your devices and accounts on your machines. If you have already trusted your accounts on your desktops you are good to go and only need to deal with things like SkyDrive by providing the Auth from your phone.
- Not everything likes the passcodes created so for other apps and devices such as Xbox 360, Windows Phone, or mail apps on your other devices you will need a App Password, you use this instead of your regular password to log into your account. More details can be found at the following link to setup different apps
With that you are done, all your apps now have two factor auth, if you choose to trust an account or remember the code then you are back to single access if the device is stolen, if that happens head straight to your manage page and remove the app passwords and un-trust all your devices. What was on the device my be compromised but any new information will be secured from that point on. Also you do have BitLocker enabled on your desktop hard drives, don’t you?