If you use Outlook.com (formerly Hotmail) for email, it’s vital that you secure it properly. After all, your email is a gateway to nearly everything you do online.
But there’s another reason that your Outlook account is so important. Windows 10 allows you to sign into your PC with a Microsoft account. If you use this feature and someone steals your account password, you could be in big-time trouble.
Don’t let that happen! We’ll share some great security tips to make sure that nobody can gain access to your account.
1. Set a Strong Password
The first tip is one of the most important: make sure your account password is strong. Using a weak password, such as one that’s short, obvious, or something you use on other sites, won’t cut it. A good password should contain at least 10 characters with a mix of uppercase, lowercase, numbers, and symbols.
If you haven’t updated your password in a while, it’s a good idea to change it now. Log into your Outlook account, then click your name in the top-right corner of the page. Choose View account to access your Microsoft account settings.
On the resulting page, click the Change password link next to your email and under your profile picture. Confirm your current password, then enter a new one. If you like, you can also check a box that will force you to change your password every 72 days. This isn’t necessary if you use a strong password, but it’s not a bad idea to keep it fresh either.
2. Enable Two-Factor Authentication
You’ve hopefully heard about two-factor authentication (2FA). It requires something you have, usually a code from an app or text message, in addition to your password to log in. With this enabled, your password alone isn’t enough to log into your Microsoft account, protecting you if someone steals it.
To get started with 2FA, visit your Microsoft account page and select the Security tab along the top of the page. On the resulting Security basics screen, click the more security options text under the three boxes.
Under the Two-step verification header, click Turn on two-step verification. You’ll see a brief description of what this does. Hit Next to proceed.
Next, you’ll need to choose whether you want to use an app, phone number, or alternate email address for verification. Each method has pros and cons. We recommend picking An app because it’s the most secure and works even if your phone is offline.
Microsoft will push you to use its authenticator app, but we recommend Authy instead. Once you install an authenticator app on your phone, select your mobile operating system from the list. Then scan the QR code with your app and enter the code to confirm. Make sure you copy down the recovery code before you click Finish.
If you’d rather not use an app, select A phone number or An alternate email address instead. Provide your mobile number or alternate email address, and Microsoft will auto-send a code to it via a call, text, or email. Enter that code to confirm, and you’re all set.
3. Don’t Share Your Account With Anyone
This might sound obvious, but it’s worth mentioning. Sharing email accounts is an easy way to open yourself up to hacks. With extremely rare exceptions, nobody else needs access to your email.
If you’ve ever shared your email password with a friend, or perhaps let someone online log into an account of yours, you need to change your password to lock those others out.
4. Use a PIN to Log In to Windows
If you use a Microsoft account to sign into Windows, then your Outlook email password is the same as your PC login password. While this seems convenient, it poses a risk in two ways.
First, the more secure your password, the less convenient it is to type it out. Thus, you might be tempted to shorten your email password to make signing into your PC faster. Second, if someone stole your PC password through a keylogger or some other method, they’d also have your email password.
A good solution to both of these issues is trying an alternate method of locking your PC. Windows offers a PIN and picture lock on all computers, and even fingerprint and face locks on Windows Hello-compatible machines. To enable an alternate method, visit Settings > Accounts > Sign-in options and click Add under the method you’d like to enable.
A PIN provides a good balance of security and convenience. Since PINs are local to one device, someone who stole it wouldn’t be able to log in to your Outlook email.
5. Review Recent Activity Regularly
Like most online accounts, you can review the history on your Outlook account whenever you like. This lets you confirm that unauthorized personnel haven’t signed into your account.
To check it, visit your Microsoft account security page and select the Review Activity button. Take a look through your recent sign-ins, and see if anything looks fishy. You can expand each entry to see what platform and browser it was from, along with whether the sign-in was a success or not.
If something doesn’t look right, click the Secure your account text under the map to rectify it.
6. Check Trusted Devices Registered to Your Account
You can sign into your Microsoft account on all kinds of devices. Thus, it’s smart to review where you’ve logged in once in a while to make sure your account isn’t tied to any old phones or PCs.
You can view devices associated with your account by visiting the Devices page. Have a look to make sure that every PC, phone, Xbox, and more are yours.
In addition, if you’ve had 2FA enabled in the past, it’s worth clearing out your list of app passwords. On your account page, head back to Security > more security options. Under App passwords, click Remove existing app passwords and then Remove. This will sign you out of any devices that don’t support 2FA, like the Xbox 360 or mail apps on older phones.
Finally, you can click Remove all the trusted devices associated with my account here to force two-factor authentication on everything again.
This might all sound silly, but reducing the potential attack surface for your account is wise.
7. Be Aware of Phishing
Email phishing attempts to steal sensitive information from you by masquerading as a legitimate entity. If you’re not careful, this could lead you to hand over your Outlook account credentials.
Stay safe by never clicking links in emails — always visit the website directly. Don’t trust messages claiming that you need to verify your Outlook password to upgrade your mailbox, as they’re all bogus. Microsoft will never ask you for your password through email. And it isn’t going to call you about PC viruses.
8. Keep Your Recovery Information Current
The quickest way to get back into your Outlook account is by using a recovery email address or phone number. If you don’t add these before you get locked out, you’re going to have a much harder time unlocking your account.
You can add a new recovery address or check your existing ones by once again visiting the Security page of your Microsoft account. Click the Update Info button and you’ll see each of your existing contact entries. Hit Remove on any you no longer use, and make sure you have at least two alternate ways for Microsoft to contact you.
Click Add security info to add a new phone number or email address. You’ll have to verify new methods with a code sent to them. Click Change alert options to decide which contact methods receive account alerts.
If you don’t have a backup email, it’s worth creating another free account so you have this recovery option.
9. Password Protect Your PST File
We’ve focused on Outlook.com mail for these tricks, but if you use Outlook on your PC, there’s a special tip for you. As you might know, the desktop version of Outlook stores your email in a PST file. You can add a password to these files for a bit of extra protection if you like.
Microsoft advises that PST passwords don’t provide adequate protection against malicious attacks. Thus, a strong password on your PC account is the best line of defense for your local email. Also, this doesn’t work for Microsoft Exchange accounts (like those used with corporate email).
To password-protect a PST, open Outlook on the desktop and choose File > Account Settings > Account Settings. Switch to the Data Files tab and click the PST you want to protect (there may only be one). Hit the Settings button above, then click Change password. Add a password of 15 characters max, then click OK to set it.
10. Use Alias Accounts to Cover Your Real Address
Adding an alias to your email account lets you give out a different email address that still delivers email to your main inbox. You can use these to easily identify which sources send spam to your inbox. From a security standpoint, they also obfuscate your real address.
To add one, visit the Your Info tab on the Microsoft account website. Click Manage your sign-in email or phone number, then choose Add email. You can Create a new email address and add it as an alias, which will make a new @outlook.com address. Or you can add an existing email address as one.
Either way, you can use that address to sign into your Microsoft account. They all share a password, and you can send and receive email from any of them. Even better, if you click the Change sign-in preferences on the aliases page, you can prevent an alias from signing into your Microsoft account. This lets you create an alias for working with email, but prevent anyone from using it to break into your account.
Microsoft lets you add up to ten aliases in every calendar year. In addition, you can have no more than ten aliases on your account at one time.
How Do You Protect Outlook?
These ten tips will help you keep a tight handle on your Outlook account, which is doubly important if you use it to sign into Windows 10. Using the tools Microsoft has provided is vital to keeping attackers out. With a bit of common sense and a strong password, you’ll have an ironclad account in no time.
Once you’ve got security all done, make sure you’ve said goodbye to Outlook spam.
Image Credit: denisismagilov/Depositphotos