Steps to secure OneDrive Account

The iCloud breach that happened a few days ago left everyone wondering how safe their online vaults are: the remote storage systems that they have been using to store their photos and documents. Hacking is common, and will always be around. In the case of the LinkedIn breach, it was made public that most passwords were very weak. OneDrive offers some methods to secure your account other than just a password. This article tells you how to secure your OneDrive account.

Tips to secure OneDrive

We will see how you can harden OneDrive security in order to secure your OneDrive account.

Through Unbreakable Password

Use a strong password. This is just the first step towards securing your OneDrive account. Do not use passwords like 123456789 or 0000000. Do not use your name or profession as your password. I know a person (and his son too) who have their names as IDs and their professions as their passwords. Weak passwords also include your birth date, hobbies, favorite places, friends’ names etc.

Create a password of at least 10 characters. That should be the minimum length. The longer the password, the more secure it is. Use a combination of numbers, letters and special characters. With OneDrive, all types of special characters (except whitespace) are permitted, so you can get creative with the password. If you think you won’t be able to remember your password, note it down somewhere off the computer. Keep it in your purse or something that is always with you.
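The rules in the two paragraphs above can be turned into a quick check. The following Python is an added example, not part of the original article or of any Microsoft tool; the function names and the `SPECIALS` set are assumptions chosen for illustration.

```python
import re
import secrets
import string

# Specials used by the generator (a constructed set; the article only says
# that every special character except whitespace is permitted).
SPECIALS = "!@#$%^&*()-_=+[]{};:,.<>?/"
MIN_LENGTH = 10  # the article's stated minimum


def is_sequence(pw: str) -> bool:
    """True for one repeated character or a straight run such as 123456789."""
    if len(pw) < 2:
        return False
    steps = {ord(b) - ord(a) for a, b in zip(pw, pw[1:])}
    return steps in ({0}, {1}, {-1})


def check_password(pw: str, personal=()) -> list:
    """Return the list of rules from the article that pw breaks."""
    problems = []
    if len(pw) < MIN_LENGTH:
        problems.append("shorter than 10 characters")
    if re.search(r"\s", pw):
        problems.append("contains whitespace")
    if not re.search(r"[A-Za-z]", pw):
        problems.append("no letters")
    if not re.search(r"\d", pw):
        problems.append("no numbers")
    if not re.search(r"[^A-Za-z0-9\s]", pw):
        problems.append("no special characters")
    if is_sequence(pw):
        problems.append("repeated or sequential characters")
    for item in personal:  # names, professions, birth dates, hobbies ...
        if item and item.lower() in pw.lower():
            problems.append("contains personal detail: " + item)
    return problems


def generate_password(length: int = 16) -> str:
    """Draw random characters until the result passes every check."""
    if length < MIN_LENGTH:
        raise ValueError("length must be at least 10")
    alphabet = string.ascii_letters + string.digits + SPECIALS
    while True:
        pw = "".join(secrets.choice(alphabet) for _ in range(length))
        if not check_password(pw):
            return pw
```

Pass your own name, profession and similar details in `personal` so that a password built from them is flagged even when it is long and mixed.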

You may also use a password manager. I use LastPass, a cloud-based password manager. You may also use a local password manager, but that restricts your usage to the computer where you installed it. With a cloud-based password manager, you can access your passwords from anywhere and from any device.

Enable Two Step Authentication For OneDrive

Add an additional step to further strengthen the protection for your OneDrive account. You can achieve this by clicking on your name towards the top-right corner of the OneDrive window and then clicking on Account Settings. A new tab will open, showing the OneDrive settings options in a left pane. The right pane shows items related to the option selected in the left pane.

The option to set up two step authentication for OneDrive is the second one, named Security and Password. When you click on the option, you will be asked to verify your identity. You can choose to verify using an alternate email or phone number that you associated with the account when creating it. The screen would look like this:

Secure OneDrive account

When you select the phone number or email, you will have to type the number or email address to make sure they match the ones on record. Once this is done, Microsoft will send you a code for one-time verification.

Microsoft will ask for verification when you click on the Password option and on the Recent Activity option. This is to make sure it is really you who is operating the computer and not some hacker.

When you enter the code in the box provided, you will be told about a smartphone app that lets you skip waiting for a code. We’ll come to that in a while. For now, simply ignore it and click on Set it up Later.

You will get to see the elements related to Password etc. in the right pane. Here you can see the option to set up Two Step Authentication. The first few items in the right pane are the recovery email and phone numbers that you can change or edit using the relevant links.

Below those links, you can see the option to set up Two Step Verification. See the image for a clear picture of where you are.

Fig 2 - Set up Two Step Authentication for OneDrive

Click the Two Step Verification link. The right pane will show you information about how it intends to set up two step verification. Among the steps are making sure you have an extra email ID or phone number to receive one-time sign-in codes, downloading a smartphone app so that you do not have to wait for codes (you’ll need a smartphone for that), and finally, setting up passwords for accounts that are based on Microsoft, such as Xbox, Windows Phone 8 and previous versions etc. Normally, when you set up two factor authentication, other apps that depend on the Microsoft ID will stop working and report that the password is incorrect. You have to set up those apps, too, for two step authentication. We will get to app passwords in a while.

Click on Next, and then Next again when it asks you once more to download the smartphone app. We’ll talk about the app after setting up two step authentication. On the next info page in the right pane, you get a link explaining how to set up Outlook 2010, Xbox, Windows Essentials etc. Click on Finish to set up two step authentication.

From now on, when you wish to sign in to your Outlook or OneDrive account, you will be asked to choose an email or phone number for authentication, and a code will be sent to the one you chose. Enter the code in the area provided on the authentication page to log in.

APP PASSWORDS: Some apps that depend on Microsoft sign-in cannot sign in after you enable two-step authentication. To deal with that, scroll down on the Security and Password page under Account Settings and click on Create a New App Password. You can do this for each app that won’t work after you set up two step authentication. You will know an app is not working when it says the password is incorrect. In the Outlook desktop client, for example, you will have to replace the real password with the password you get after clicking on Create a New App Password. The same applies to Xbox and some other things.

Set Up A SmartPhone App

Based on the type of smartphone you are using, you can download a free app that gives you an instant code so that you do not have to select email/phone and then wait for a code. The smartphone will ask you to approve the login. All you have to do is tap on it to log into any of the Microsoft services, including OneDrive. However, my observation is that it is not as fast as Microsoft claims it to be. Both the email code and smartphone app methods take almost the same time.

To begin, click on Set up under Identity Verification Apps. You will be shown how to set it up on different smartphone operating systems, step by step. Here is a screenshot of how the Android app looks.

Microsoft Account App- Android

This is how you can secure your OneDrive account from hackers etc. It applies to all Microsoft products that use the email ID used for login by OneDrive. This article covered creating a strong password, setting up two factor authentication, setting up passwords for apps and using a smartphone app for instant logins. If you have anything to contribute, please comment.

Related Reading: Microsoft Account Protection.

Arun Kumar is a Microsoft MVP alumnus, obsessed with technology, especially the Internet. He deals with the multimedia content needs of training and corporate houses. Follow him on Twitter @PowercutIN