If you use Outlook.com (formerly
Hotmail) for email, it’s vital
that you secure it properly. After all, your email is a gateway to
nearly everything you do online.
But there’s another reason that
your Outlook account is so important. Windows 10 allows you to sign into
your PC with a Microsoft account. If you use this feature and someone
steals your account password, you could be in big-time trouble.
Don’t let that happen! We’ll share some great security tips to make sure that nobody can gain access to your account.
1. Set a Strong Password
The
first tip is one of the most important: make sure your account password
is strong. Using a weak password, such as one that’s short, obvious, or
something you use on other sites, won’t cut it. A good password should
contain at least 10 characters with a mix of uppercase, lowercase,
numbers, and symbols.
If you haven’t updated your password in a while, it’s a good idea to change it now.
Log into your Outlook account, then click your name in the top-right corner of the page. Choose
View account to access your Microsoft account settings.
On the resulting page, click the
Change password
link next to your email and under your profile picture. Confirm your
current password, then enter a new one. If you like, you can also check a
box that will force you to change your password every 72 days. This
isn’t necessary if you use a strong password, but it’s not a bad idea to
keep it fresh either.
2. Enable Two-Factor Authentication
You’ve
hopefully heard about two-factor authentication (2FA). It requires
something you have, usually a code from an app or text message, in
addition to your password to log in. With this enabled, your password
alone isn’t enough to log into your Microsoft account, protecting you if
someone steals it.
To get started with 2FA, visit
your Microsoft account page and select the
Security tab along the top of the page. On the resulting
Security basics screen, click the
more security options text under the three boxes.
Under the
Two-step verification header, click
Turn on two-step verification. You’ll see a brief description of what this does. Hit
Next to proceed.
Next,
you’ll need to choose whether you want to use an app, phone number, or
alternate email address for verification. Each method has pros and cons.
We recommend picking
An app because it’s the most secure and works even if your phone is offline.
Microsoft will push you to use its authenticator app, but we recommend
Authy instead. Once you install
an authenticator app
on your phone, select your mobile operating system from the list. Then
scan the QR code with your app and enter the code to confirm. Make sure
you copy down the recovery code before you click
Finish.
If you’d rather not use an app, select
A phone number or
An alternate email address
instead. Provide your mobile number or alternate email address, and
Microsoft will auto-send a code to it via a call, text, or email. Enter
that code to confirm, and you’re all set.
3. Don’t Share Your Account With Anyone
This
might sound obvious, but it’s worth mentioning. Sharing email accounts
is an easy way to open yourself up to hacks. With extremely rare
exceptions, nobody else needs access to your email.
If you’ve ever
shared your email password with a friend, or perhaps let someone online
log into an account of yours, you need to change your password to lock
those others out.
4. Use a PIN to Log In to Windows
If
you use a Microsoft account to sign into Windows, then your Outlook
email password is the same as your PC login password. While this seems
convenient, it poses a risk in two ways.
First, the more secure
your password, the less convenient it is to type it out. Thus, you might
be tempted to shorten your email password to make signing into your PC
faster. Second, if someone stole your PC password through a keylogger or
some other method, they’d also have your email password.
A good
solution to both of these issues is trying an alternate method of
locking your PC. Windows offers a PIN and picture lock on all computers,
and even fingerprint and face locks on Windows Hello-compatible
machines. To enable an alternate method, visit
Settings > Accounts > Sign-in options and click
Add under the method you’d like to enable.
A
PIN provides a good balance of security and convenience. Since PINs are
local to one device, someone who stole it wouldn’t be able to log in to
your Outlook email.
5. Review Recent Activity Regularly
Like
most online accounts, you can review the history on your Outlook
account whenever you like. This lets you confirm that unauthorized
personnel haven’t signed into your account.
To check it, visit your Microsoft account security page and select the
Review Activity
button. Take a look through your recent sign-ins, and see if anything
looks fishy. You can expand each entry to see what platform and browser
it was from, along with whether the sign-in was a success or not.
If something doesn’t look right, click the
Secure your account text under the map to rectify it.
6. Check Trusted Devices Registered to Your Account
You
can sign into your Microsoft account on all kinds of devices. Thus,
it’s smart to review where you’ve logged in once in a while to make sure
your account isn’t tied to any old phones or PCs.
You can view devices associated with your account by visiting
the Devices page. Have a look to make sure that every PC, phone, Xbox, and more are yours.
In
addition, if you’ve had 2FA enabled in the past, it’s worth clearing
out your list of app passwords. On your account page, head back to
Security > more security options. Under
App passwords, click
Remove existing app passwords and then
Remove. This will sign you out of any devices that don’t support 2FA, like the Xbox 360 or mail apps on older phones.
Finally, you can click
Remove all the trusted devices associated with my account here to force two-factor authentication on everything again.
This might all sound silly, but reducing the potential attack surface for your account is wise.
7. Be Aware of Phishing
Email
phishing attempts to steal sensitive information from you by
masquerading as a legitimate entity. If you’re not careful, this could
lead you to hand over your Outlook account credentials.
Stay safe
by never clicking links in emails — always visit the website directly.
Don’t trust messages claiming that you need to verify your Outlook
password to upgrade your mailbox, as they’re all bogus. Microsoft will
never ask you for your password through email. And it isn’t going to
call you about PC viruses.
8. Keep Your Recovery Information Current
The
quickest way to get back into your Outlook account is by using a
recovery email address or phone number. If you don’t add these before
you get locked out, you’re going to have a much harder time unlocking
your account.
You can add a new recovery address or check your existing ones by once again visiting
the Security page of your Microsoft account. Click the
Update Info button and you’ll see each of your existing contact entries. Hit
Remove on any you no longer use, and make sure you have at least two alternate ways for Microsoft to contact you.
Click
Add security info to add a new phone number or email address. You’ll have to verify new methods with a code sent to them. Click
Change alert options to decide which contact methods receive account alerts.
If you don’t have a backup email, it’s worth creating another free account so you have this recovery option.
9. Password Protect Your PST File
We’ve
focused on Outlook.com mail for these tricks, but if you use Outlook on
your PC, there’s a special tip for you. As you might know, the desktop
version of Outlook stores your email in a PST file. You can add a
password to these files for a bit of extra protection if you like.
Microsoft advises that PST passwords don’t provide adequate protection against malicious attacks. Thus,
a strong password on your PC account is the best line of
defense for your local email. Also, this doesn’t work for Microsoft Exchange accounts (like those used with corporate email).
To password-protect a PST, open Outlook on the desktop and choose
File > Account Settings > Account Settings. Switch to the
Data Files tab and click the PST you want to protect (there may only be one). Hit the
Settings button above, then click
Change password. Add a password of 15 characters max, then click
OK to set it.
10. Use Alias Accounts to Cover Your Real Address
Adding
an alias to your email account lets you give out a different email
address that still delivers email to your main inbox. You can use these
to easily identify which sources send spam to your inbox. From a
security standpoint, they also obfuscate your real address.
To add one, visit
the Your Info tab on the Microsoft account website. Click
Manage your sign-in email or phone number, then choose
Add email. You can
Create a new email address and add it as an alias, which will make a new @outlook.com address. Or you can add an existing email address as one.
Either
way, you can use that address to sign into your Microsoft account. They
all share a password, and you can send and receive email from any of
them. Even better, if you click the
Change sign-in preferences
on the aliases page, you can prevent an alias from signing into your
Microsoft account. This lets you create an alias for working with email,
but prevent anyone from using it to break into your account.
Microsoft
lets you add up to ten aliases in every calendar year. In addition, you
can have no more than ten aliases on your account at one time.
Kindly tell me the tools you use in securing your Outlook Mail. Also share the experience you’ve had with your email processes.