Whenever there are reports of an attack or a deliberate attempt by cyber-criminals to breach online vaults, users are forced to wonder whether the security measures in place are enough to keep their data safe. Fortunately, cloud services like OneDrive offer more than one layer of protection that can help users overcome any anticipated misfortune or trouble. In today’s post, we will learn how to harden OneDrive security to keep it secure.
Harden OneDrive security with additional layers of protection
You can make your OneDrive account more secure by:
- Using Unbreakable Password
- Enabling two-Step Authentication For OneDrive
- Setting Up A SmartPhone App (Microsoft Authenticator)
Let’s see how to use each of the above-mentioned features to make your OneDrive account more secure and safe.
1] Using an unbreakable password
As always, use a strong password. This is also the preliminary step towards creating a more secure OneDrive account. Do not ever use a password that is easy to guess like 123456789, 0000000, or something related to your birth date, anniversary date, etc. Despite repeated reminders, some continue to follow this path.
To begin with, create a password of at least 10 characters. The longer it is, the more secure your password is. Using a combination of numbers, letters, and special characters is also advisable. With OneDrive, all types of special characters (except whitespaces) can be used, so apply your brains and make a password that mixes all the elements mentioned. If you worry that you won’t be able to remember your password, note it down somewhere off the computer or create a sticky note.
If you find this too risky, use a password manager. You can use a local password manager, but that restricts your usage to the computer where you installed it. With a cloud-based password manager, you can access your password from anywhere, irrespective of the device in use.
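The rules in this section expressed as code, added here as an example and not part of the original article: a checker for the weak patterns named above and a generator built on Python's `secrets` module. The 10-character minimum comes from the article; the ASCII punctuation set, the date pattern and the function names are assumptions.

```python
import math
import re
import secrets
import string

MIN_LENGTH = 10                      # minimum length stated in the article
SPECIALS = string.punctuation        # assumption: ASCII punctuation, no whitespace
ALPHABET = string.ascii_letters + string.digits + SPECIALS
DIGIT_RUN = "01234567890123456789"   # catches runs such as 123456789 or 987654
DATE_LIKE = re.compile(r"(?:\d{1,2}[-/.]?){2}\d{2,4}")  # assumed date shapes

def weaknesses(password):
    """List the ways a password falls short of the advice in this section."""
    found = []
    if len(password) < MIN_LENGTH:
        found.append("shorter than 10 characters")
    if any(c.isspace() for c in password):
        found.append("contains whitespace")
    if not any(c.isalpha() for c in password):
        found.append("no letters")
    if not any(c.isdigit() for c in password):
        found.append("no digits")
    if not any(c in SPECIALS for c in password):
        found.append("no special characters")
    if len(password) > 1 and len(set(password)) == 1:
        found.append("single repeated character")
    if len(password) > 2 and (password in DIGIT_RUN or password[::-1] in DIGIT_RUN):
        found.append("sequential digits")
    if DATE_LIKE.fullmatch(password):
        found.append("looks like a date")
    return found

def generate(length=16):
    """Draw a password from the OS CSPRNG, retrying until every class is present."""
    if length < MIN_LENGTH:
        raise ValueError("length is below the article's minimum")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if not weaknesses(candidate):
            return candidate

def entropy_bits(length):
    """Upper bound on entropy for a uniformly random password over ALPHABET."""
    return length * math.log2(len(ALPHABET))

if __name__ == "__main__":
    for sample in ("123456789", "0000000", "14/02/1990"):  # constructed samples
        print(sample, "->", weaknesses(sample))
    print(generate(), "approx. %.0f bits" % entropy_bits(16))
```

Each extra character adds about 6.5 bits under these assumptions, which is why length matters more than any single character class.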
2] Enable Two-Step Authentication For OneDrive
Advancing a step further from the previous step, enable two-step authentication for the OneDrive account. Here’s how to go about it.
Click on your profile picture and choose ‘Account‘.
When directed to a new page, go to the ‘Security‘ section.
Click ‘Update Security info‘.
When directed to the ‘Security Basics‘ page, select ‘More security options‘.
Here, when you select the phone number or email, you will have to type the number or email address to make sure it matches the ones on record. Once you have done this, Microsoft will send you a code for one-time verification.
Enter the code to proceed further.
Now, when directed to the ‘Additional security options‘ page, look for the ‘Two-step verification‘ heading.
When seen, click the ‘Setup two step verification‘ link and follow the on-screen instructions.
When done, two-step verification will add an extra layer of protection to your account.
Some Apps dependent on Microsoft Sign-In cannot sign in after you enable two-step authentication. To deal with that, scroll down on the Security and Password page under Account Settings and click on Create a New App Password. You can do this for each app that won’t work after you set up two-step authentication. You will know an app is not working when it says the password is incorrect. In the Outlook desktop client, for example, you will have to replace the real password with the password you get after clicking on Create a New App Password. The same applies to Xbox and some other things.
3] Setting up a Smartphone app (Microsoft Authenticator)
You can choose to use a smartphone app to sign in instead of entering the password.
On your smartphone, launch the Microsoft Authenticator app.
Choose ‘Update Security info‘.
When directed to the ‘Security Settings‘ page, choose the ‘more options‘ link at the bottom.
Under ‘Additional Security options‘, scroll down to the ‘Identity verification apps‘ section.
Next, choose the ‘Set up identity verification app‘ link.
Thereafter, follow the on-screen instructions and you should be all set to use the Smartphone app for instant logins instead of your password.
That’s all!
There are two “you can” here:
“We will see how you can you can harden OneDrive security in order to secure your OneDrive account.”
Thanks. Editing.
You can secure all your files by encrypting them first before adding them to OneDrive (or any other offsite/cloud storage service/device.)
Also, there is no such thing as an unbreakable password, and the standard secure starting point is 15 characters/numbers and symbols. 10 is actually classed as weak.
See how long it would take to crack a password here: https://passfault.appspot.com/
I quote David Lightman from “WarGames”:
“Hey, I don’t believe that ANY SYSTEM (or, in this case, password) is TOTALLY secure.” :)
I like your articles, Arun. I’m not so worried about a hacker accessing my stuff on OneDrive. I’m more worried about Microsoft poking around in it and possibly sharing it. What’s a good software to automatically encrypt my files before they are uploaded to OneDrive?
There is some good encryption software for encrypting files available in the market. You can use Google search to find reviews. I think Truecrypt too is a good option. It is open source and hence, can be trusted.
Really? From the Truecrypt homepage: “WARNING: Using TrueCrypt is not secure as it may contain unfixed security issues”. Open source != secure, it simply == open source.
Truecrypt is my personal choice. I am not saying it is 100% effective. I just happen to trust it. I am not sure but I guess one can also use BitLocker for sync systems like Dropbox, Google Drive or OneDrive.
You can map your OneDrive drive to your PC (instead of installing the OneDrive application). Once your drive is mapped, it will ask for your Hotmail username/password each time you open your PC.
I don’t keep anything on One Drive that needs security. I would however like some privacy. If I clear all the cached browsing history including passwords etc and close IE then open it again One Drive opens logged in as me. No password required, let alone user id. Seems odd.
Real security questions:
> Is the data encrypted on my computer and encrypted over the network transfer?
> Does Microsoft have access to my data?
> Does Microsoft use my pictures?
> Does Microsoft then have access to my password file?
> Does Microsoft mine my data like Google does?
> If Microsoft is hacked is my data still secure?
> Do Microsoft employees have access to my data?
> Can I share some things and not share other things? How does this work if the data is encrypted?
Unbreakable passwords and two-factor authentication are totally useless if the data is lying around on Microsoft servers unencrypted.