Jim Kerstetter/CNET Microsoft has offered two-step verification (2FA) process since early 2013. Also known as two-factor authentication or two-step authentication, the process strengthens your account security by requiring you to enter your password (step 1), then a security code (step 2). The security code can be sent to you by e-mail, SMS, phone call or you can use an authenticator app on your mobile device. Enabling two-step verification on your Microsoft account will enable it across all Microsoft services that currently support two-step verification, like Windows, Office,. Here's how to get started: Enable two-step verification Screenshot by Jason Cipriani/CNET. Step 1: Go to, and look for both an email address and phone number under the section titled 'Security info helps keep your account secure.'
Click Turn on Two-Factor Authentication. After you have enabled 2FA for your devices, you will need to update the authentication for any applications using your iCloud account. In my case, I had to update the authentication for Microsoft Outlook 2016.
If either piece of information is missing, click on the Add security info link and follow the prompts. The SMS functionality of 2FA relies on your phone number being connected to your account, so don't skip it.
Otherwise you'll need access to your email account to receive your secondary log-in code. Step 2: Click on the 'Set up two-step verification' link. Step 3: Follow the setup process until you reach the end, then click 'Done.' You may be asked to provide a verification code, sent to either your phone via SMS or to your alternate email address, before you can complete the two-step setup. Once it's complete, you should receive an email confirmation from Microsoft sent to your alternate email address. Pair an authenticator app with your Microsoft account Screenshot by Jason Cipriani/CNET You can get security codes by email, phone call or SMS, but an even easier way is to use an authenticator app on your mobile device. Authenticator apps, like Google Authenticator, run locally on your device and work even if your device doesn't have an Internet connection.
To use an authenticator app, you first have to pair it with your Microsoft account. Step 1: Download the authenticator app of your choice to your device., and users can use Google Authenticator, while Windows Phone users can use. Step 2: Go back to your, and you should see a prompt to setup an mobile app. If not, click on 'Set up identity verification app' link under the Identity verification apps section. Step 3: Launch your preferred authenticator app, then scan the bar code on the screen.
Step 4: When the security code appears in the authenticator app, enter it in the box, then click on the Pair button. Using two-step verification Once you've enabled two-step verification on your Microsoft account, logging in to your Microsoft services will require your account password and a security code. Fill out the required information (usually the last four digits of your phone number, or a portion of your email address) to trigger the security code being sent to your device.
Otherwise, launch whatever app you used to set up verification codes (Google Authenticator, for example) and then enter the code in the text field.
I’ve been struggling with a problem for the past few days. I don’t have a fix yet, but I’ll continue to post things as I try them. Windows Domain network. Two Windows servers. DHCP, DNS on the Win servers. Exchange 2013 server hosted by Rackspace. SonicWALL firewall.
Outlook 2010 (don’t ask), 2016 clients. Client OS: Win 7, Win 8, Win 10. Symptoms: About five minutes after Outlook starts and successfully connects to the Exchange server, a window pops up. The source is Windows Security, and it asks for a user name and password for the Exchange server: With Outlook 2016 on Win 10, entering the user name and password results in another pop-up. Closing the window or hitting cancel results in another pop-up. The only way to continue working is to leave the pop-up open and click on another window, giving it the focus. During all this time, Outlook continues to indicate that it is connected to the Exchange server and to download messages, but it will not automatically download messages from POP3 servers that are also configured.
Clicking on Send/Receive All Folders does do that, however. With Outlook 2010 on Win 7, it’s worse. Entering the user name and password results in another pop-up. Closing the window or hitting cancel results in another pop-up. The popup always claims the focus, making it impossible to type anything into another program.
During all this time, Outlook continues to indicate that it is connected to the Exchange server and to download messages, but it will not automatically download messages from POP3 servers that are also configured. Clicking on Send/Receive All Folders does do that, however.
This happened to one Outlook client. A day later, it happened to another client running a different version of Office on a different OS. Four days later, it happened on a third client. Although the onset seems unpredictable, this is not an intermittant problem. Once it occurs on a client, it continues repeatedly on that client. Microsoft says that any of the following could cause the problem:.
Outlook is configured to prompt you for credentials. Incorrect password cached in credential storage. Required Authentication Settings for outgoing server and incoming server. Outlook Anywhere is not configured to use NTLM Authentication. Corrupt Outlook profile. Slow or unstable network connection.
Antivirus programs. Shared calendars Since this is happening on several — but not all — Outlook clients, I think that random corruption of a profile or credential is unlikely. My network connections appear to be stable and fast (50Mb/s over wired Ethernet, 20 Mb/s over WiFi.). What I’ve tried: Updating Outlook 2016. In this advisory: Microsoft says that they’ve found and fixed a bug that causes the problem I’m seeing. I tried the update that they suggested. Making sure that “Always prompt for credentials” is not checked in the account settings.
Removing credentials from Control Panel Mail User Accounts Manage your credentials Windows Credentials. This was the solution suggested by Rackspace tech support. I didn’t think it was a likely fix, since it seemed to assume that the credential corruption that would be handled by it was random, where it appears that something is affecting multiple Outlook clients.
Resetting the network time. This isn’t one that I found on the web, but I did notice that the local network time was wrong by a few minutes. I reset the time on the server, and rebooted the clients. No difference.
Rebooting the domain controllers and clients. I thought there could have been a DNS or DHCP problem. Apparently there wasn’t. Flushing local DNS cache. From the command line, enter: “ipconfig /flushdns”. Unchecking “Download Shared Folders” in Mail account settings. Turning off shared calendars.
Entering domain credentials into the pop-up, as opposed to Exchange server mailbox credentials. Didn’t fix the problem. Turning off all Norton firewall, AV, and spam blocking. Creating a new Outlook profile. Starting Outlook in safe mode. Some old same old. Checking the SonicWALL logs for dropped packets.
I set the SonicWALL packet monitoring for all packets. I started capturing, clicked OK in the pop-up window to send the stored password several times, and then turned off capturing.
When I looked at the log with a filter for the client IP address, there were a few UDP multicast and broadcast packets dropped, but no other packets were dropped. C hecking for dropped packets and long latency on my LAN or my link to my ISP. This is with a Wi-Fi client, which is a worst-case: I decided to try using manual control of Outlook/Exchange connection as a workaround. Setting the Outlook clients to “Work Offline” in all three cases produces the expected result: the pop-up windows stop. However, putting two of the clients back in to normal, connected, mode has caused the pop-ups to stop for more than an hour.
In the third client, the Outlook 2010 one, the pop-ups came back when the client was set to normal connection mode. It’s going to be a little hard to troubleshoot this with only one client showing the problem After five hours, the pop-up window sprang into life on one of the Outlook 2016 clients. It did not immediately reappear. After 12 hours, it had not reappeared, nor had it reappeared on the other Outlook 2016 client. After three or four days, no more problems on the Outlook 2016 clients.
Then I turned on a laptop with Outlook 2016 installed which, for a reason I don’t fully understand, had not updated its internal clock to the server’s time. Problem returned. And then it showed up on one of the formerly fixed Outlook 2016 clients. I rebooted the machine until it picked up the correct time, set it ot “work offline” mode, and dis the dame thing to the other Outlook 2016 client that had caught the disease. That fixed them both, at least so far.
So I think the root cause was the wrong server clock, which caused the client’s clocks to be wrong, which caused Exchange to reject part of the automatic client login (but, strangely enough, not the whole thing). I don’t know why toggling “work offline” fixes thing, but it appears to. Rackspace sent me an interesting suggestion: One thing we have found to be really successful in this situation is completely powering down every single device associated with the email address, changing the password in the control panel, and then slowly powering back on each device one by one and updating the password manually usually solves this issue. This seems to be a more drastic solution for a problem where the Exchange server stops trusting Outlook clients and rejects their credentials. No word on why the iOS clients have sailed through all this brouhaha with no problems. A week or so went by with no problems.
Then I started getting pop-ups on one Outlook 2016 machine. After a couple of days, the same problem occurred on another Outlook 2016 instance connected to the same Exchange mailbox. This time, toggling Work Offline didn’t fix the problem. I even got the pop-up while working offline. Definitely not alone! Same problem with no obvious solution. I’m not a Tech so all I’ve done is update and re-boot.
The problem returned within an hour. I didn’t have any problem before being forced to change my password by the server (SBS2011) and wonder if some echo exists. It seems Outlook remains attached to Exchange despite requesting refreshed credentials. Does the system regularly check connections and perchance there are different passwords stored?
I will keep an eye here for enlightenment. I have a similar ‘random’ problem with W10 Pro & Outlook 2016 at home using an Outlook (hotmail) account to connect to the W10 system and to Outlook client itself connected to Outlook servers in cloud somewhere. At some point, I guess that the the W10 user profile gets corrupted.
Then: All the passwords that are stored somewhere to avoid to have to re-key them disappear. 1) The default user name disappears at W10 login. I have just to re-key the ID + password.
2) The IDs & passwords to connect automatically to remote servers on private network disappear (NAS, other private servers on my network). 3) All default PWDs in Explorer & Chrome disappear. 4) Google asks for my ID & pwd again in Chrome. 5) I used Windows credential store (Web & Windows) to store IDs & passwords.
All is wiped out when it happens. I just have to re-key in. 6) In Outlook local client, similar symptoms as the ones described above. Windows Security window in loop prompting ID & password, not understanding exactly what is expected & why (at what precise level the systems tries to make a connection?), which may be the cause for the loop, but no user exit foreseen by the Microsoft analyst, programmers & testers! So endless buggy loop like in the good old days. Machines are most often always right!
My ‘repair’ solution for Outlook was to delete and recreate new Outlook profiles. It was effective.
The 1st time, I uninstalled Outlook then reinstalled completely. The 2nd time, I just deleted & recreated the profile. Outlook rebuilt its local Outlook.pst files. I have several IMAP accounts, so a pain but not the end of the world. The 3rd time, I just recreated the profiles as a routine (still a pain). It does nor happen often but it is the 3rd time for me since on W10, migrated from W7 with no migration issue on this specific machine. So, I guess that somewhere, W10 detects (false positive) that the machine ID security details for me as user are ‘corrupted’ or ‘compromised’.
Then, it must delete/rename things and nothing related to my ID & access works normally any more. Next time, I will log the exact security messages to be more precise. I am no IT professional, just a careful user (retired). W10 becomes incredibly complex & sophisticated.
Too much was put behind the screen in order to “simplify” the user experience, endeavouring to show a nicer interface, but making it much more difficult when things go wrong. There is no easy “verbose” mode to help understand what is going on easily & to correct. Error messages are cryptic not pointing on the Web to potential causes or root causes. I should get a training to adapt. But who wants to spend time on this if not paid for it? My user data is as separated as it can from system data (never fully possible unfortunately but close to). Backups (grandfather, father & son) follow different periodicity patterns accordingly.
I am wondering if would not be simpler to restore immediately an Acronis system back up – to be performed daily (currently monthly only) – & forget totally about trying to repair the OS & Microsoft integrated apps. It is like waiting for the bus for too long: how much time lost is too much? Also, I should probably take the courage to reinstall W10 clean & fresh using product IDs & licence keys but this would cost me nearly a day’s work to reinstall all apps. So, I differ it out of natural laziness. I am typing this after trying to find a solution for this “user profile random corruption” on the Web.
To see that others have similar problem with Outlook – although perhaps narrower – without clean solution is not what I hoped for. PS: Two steps verification is & was off (see ref above). Otherwise, when it works, W10 works generally well. I don’t have the benefit of a touch screen but I have seen it working. It is impressive on small tablets.
Thank you this article!! We are in the raggedy end of our Exchange 2013 roll out from Exchange 2010. Exchange 2013 was probably the most problematic Exchange install I have ever done. Took weeks to get it work right. We are also experiencing many of these problems. We have a mixed environment of Win 7 and 10 pro workstations and Office 2010, 2013, 2016.
Re-asking of credentials appears to be totally random and we have tried everything possible. Turning cache off solves most of the problems but no guarantee it won’t ask out of the blue. But that being said, happens most often with notebooks on Windows 10 and Office 2013. Very annoying. We were having a similar issue in our environment. I’m posting this here in the hopes it could maybe help someone else.
Our environment is: Exchange 2013 on-premise Outlook 2016 clients (part of our Office 365 Business subscription, but no hosted Exchange) I noticed that it typically happened on laptops or when user’s first started their workstations. I tested with the Outlook AutoConfiguration tool, and noticed that it would try to connect to outlook.com.
We don’t have online mailboxes, so I looked into how the AutoDiscover service worked. Apparently Microsoft added a step to Outlook 2016 called “Check for O365 as Priority” From MS: “Outlook uses a set of heuristics to determine whether the user account provided comes from Office 365. If Outlook determines confidently that you are an O365 user, a try is made to retrieve the Autodiscover payload from the known O365 endpoints ” There is a registry key to disable this behavior: HKEYCURRENTUSER SOFTWARE Policies Microsoft office 16.0 outlook autodiscover DWORD: ExcludeExplicitO365Endpoint Value = 1 So, I assume that for laptops especially, any percieved lack of connectivity to Exchange could potentially lead to Outlook trying to authenticate with office.com.
Hope this helps someone else.