1. Windows Central Question's Avatar
    I went to login to my Outlook.com account today the way I usually do on computers that are not my personal property (by using a code texted to my phone instead of my password) but when I navigated to the login page, the option to login using two-step verification (what the rest of the world calls two-factor authentication) was gone.

    I entered a chat with Microsoft support and after explaining everything, I logged in just using my password anyway. Once in my account, I checked all settings and verified that the Microsoft service does not think anything is wrong and has not logged any unknown transactions on my account.

    I re-enabled two-step verification and after doing that, I changed my password. I logged out and went to log back in expecting the "two-step verification" option to be there and it was not.

    I then thought, let me go to the Microsoft support forums to see if anyone else is having this issue and guess what ... I can't post anything there without ... -wait for it- ... logging in to my Outlook.com/Microsoft account; the one thing I don't want to do at this point.

    Anyway, I decided to do the next thing I thought of. Go to a non-microsoft site for some help.

    Is anyone else seeing this same thing? Today was the first time this has happened.

    Thanks.

    Bob
    11-07-2016 02:16 PM
  2. DOGC_Kyle's Avatar
    They just redesigned the MS Account Sign-in screen. 2 step verification is still there and working. You can't log in without a password anymore though. Now you need both the password and code to login, so it's no longer possible to login by just having access to your phone.
    I'm personally glad that option is gone, while it was good if you were on a system with a potential keylogger (really the only use of it), it was more of a security risk since anyone with physical access to your phone (texts and calls can usually be received without unlocking the phone) would be able to login to your account.
    11-07-2016 02:57 PM
  3. Bob-o-pedic's Avatar
    DOGC_Kyle ... Thank you.

    You would think that MS could let a user know before they make a change regarding two-factor authentication (2FA) security.

    [BEGIN RANT]

    - no one else calls it two-step verification do they?? ugh-

    Personally, I think this is a step backwards in security. It would be more secure to have to input the 2FA first before providing your password. I know a ton of people who, no matter how many times you tell them not to, still use the same password for a majority of their online accounts. So, they go to login to their Outlook.com account on a compromised computer and the first thing they do is input their email address and password to be stolen. Yes, the second authentication factor prevents an attacker from getting into the email account but so what. Now they have that person's email address (likely a login name at many websites) and password. Just based on innocent browsing behavior alone, an attacker can figure out where to put that email address and password to gain access on non-2FA sites and services.

    Yes, I know I am going overboard with the doomsday scenarios for the common user but these are facts.

    I've used Windows phones when no one else wanted to. I have lived through the hotmail.com-->msn.com-->outlook.com email eras but I just can't anymore. The app ecosystem on Windows phone, the disjointed Windows Store/Desktop apps on the PC, the Windows 10 (aka SpywareOS) Cortana data feeds and now Outlook.com tomfoolery is too much for me to put up with. Yeah, Google records your every move too. I know. Its not about thinking they are the only ones doing it. They just do it in annoying ways like unannounced changes that irk me.

    If I really thought it would make a difference, I would browse with Iridium or Firefox in private mode with privacy badger and webrtc leak enabled, greasemonkey/tampermonkey scripts running, an Ad Blocker disabling website analytics and social media widgets over a no-logging VPN service to login to a secure encrypted webmail service like Posteo.de.

    However, I have no such illusions that any of that will stop the institutional eavesdropping or that anyone actually thinks I matter in the least. lol However, I do care when someone is making it easier for a common digital thief to put their hand in my pocket.

    [END RANT]
    11-08-2016 10:19 AM

Similar Threads

  1. Does anyone use slow-motion video recording?
    By Grodelj in forum Microsoft Lumia 950 XL
    Replies: 7
    Last Post: 12-29-2016, 05:25 PM
  2. These are Gwent: The Witcher Card Game's starting leaders and their abilities
    By WindowsCentral.com in forum Windows Central News Discussion
    Replies: 0
    Last Post: 11-07-2016, 01:11 PM
  3. Cannot download RoboRaid on Hololens , but can download everything else??
    By Windows Central Question in forum Ask a Question
    Replies: 0
    Last Post: 11-07-2016, 12:49 PM
  4. Anyone experiencing issues with music streaming apps
    By Windows Central Question in forum Ask a Question
    Replies: 1
    Last Post: 11-05-2016, 01:02 PM
  5. Is anyone switching?
    By Indistinguishable in forum Windows Apps
    Replies: 3
    Last Post: 11-04-2016, 05:36 PM
LINK TO POST COPIED TO CLIPBOARD