Microsoft Hops On Two-Factor Authentication Bandwagon 132
itwbennett writes "Following similar initiatives by Apple, Google and Facebook, Microsoft is enabling two-factor authentication for its Microsoft Account service, the log-on service for many of its online and desktop products. Users will find instructions on how to add a second form of authentication on the Microsoft Account settings page. The chief form of secondary authentication will be a short code sent to the user's mobile phone, the number of which Microsoft will keep on file, each time the user logs on."
Excuses to get phone numbers (Score:5, Interesting)
If MS really cared that much about security they would offer the use of client certificates. Much more secure than SMS.
Judging by what passes for acceptable practice today my guess this is all likely all effectivly a moot point as convenience password recovery measures effectivly curtail actual security gains.