If a hacker gained entry to your Microsoft account, they might obtain your OneDrive information, bypass your Windows PC’s safety, and probably even monitor your laptop computer’s location utilizing GPS. But safety isn’t the solely purpose to tweak your Microsoft account settings—a few of them additionally have an effect on your day-to-day privateness, too.
Hey, I’ll be trustworthy: I discovered some surprises in my very own Microsoft account settings not too long ago, and that’s why I wish to share the following pointers with you. For instance, I had no concept Microsoft was sharing my private information with third-party companions for advertising-related functions.
Some of the following pointers are simple, others are much less apparent. To discover your Microsoft account settings, head to account.microsoft.com and check in along with your Microsoft account credentials.
Control which apps can entry your information
You can provide third-party apps direct entry to your Microsoft account. That one e mail instrument you used again in 2018? Yeah, it would nonetheless have entry to your Microsoft account emails. Lots of different on-line account programs, like Google accounts, work the identical method. (It’s known as OAuth.)
Chris Hoffman / Foundry
To see the checklist of apps with entry, navigate to “Privacy” after which click on “App access.” Click the “Details” button subsequent to every app to see what particulars you’ve shared with that app. Click “Don’t Allow” to take away an app’s entry to your account information.
If you’ve performed plenty of video games on Xbox Game Pass—as I’ve—this checklist will probably be lengthy and messy. I had over 100 entries right here, and most have been Game Pass video games. That makes it exhausting to identify potential threats. It can be good if Microsoft supplied higher filtering, however no such luck.
Disable personalised adverts and third-party information sharing
If you haven’t configured this but, Microsoft is probably going utilizing your private information to point out you “relevant” adverts which may curiosity you.
Personally, I don’t thoughts personalised adverts. But I was stunned to study that Microsoft was sharing information “with third parties about [my] activities associated with Microsoft services, websites, and apps.” I don’t know what meaning precisely, and I don’t wish to discover out. No thanks.
Chris Hoffman / Foundry
To flip these settings off, click on “Privacy” within the sidebar, after which click on “Personalized ad settings.” Disable each “See ads and offers that interest you” and “Share my data with third parties for personalized ads.”
Say no to e mail spam
If you need promotional emails from Microsoft, that’s tremendous. If you don’t, you’ll want to show them off—they’re apparently on by default!
To discover this setting, head to “Settings,” then “Privacy,” then “Promotional communications.” Turn off the varied choices right here. (I discovered one other shock right here, with my account being opted into the “Microsoft 365 Relationship Marketing Program” for some purpose.)
Double-check recurring subscriptions
Is Microsoft planning to invoice you for one thing? You would possibly as nicely verify when you’re right here. Whether it’s Xbox Game Pass or Microsoft 365, it’s simple to finish up with sneaky recurring prices—particularly if you buy subscription codes at a discount and would somewhat not pay the upper worth on to Microsoft on renewal.
Click “Subscriptions” within the sidebar and verify if there are any surprises. You can click on “Manage” after which “Turn off recurring billing” to show off any subscription you’d somewhat not mechanically preserve paying for.
If you do wish to preserve some recurring subscriptions, it’s value checking that your cost strategies are updated when you’re right here.
Enable two-step verification
Two-step verification is vital for the safety of any on-line account. You’ve in all probability heard it earlier than, however it’s true and value repeating. If it isn’t on but, you actually ought to allow it.
To discover these settings, click on “Security” within the sidebar after which click on “Manage how I sign in.” Look for “Two-step verification” underneath the Additional safety part. If it’s not activated, flip it on.
Set a backup e mail and cellphone quantity
While you’re checking the standing of two-factor authentication, take into account including a backup e mail handle and cellphone quantity.
If you solely have a single backup technique—like a cellphone quantity—then you definately’re susceptible to getting locked out of your account. Ensure your Microsoft account has an alternate e mail handle and cellphone quantity in your management. Make positive you continue to have entry to them.
These choices might be discovered on the “Manage how I sign in” web page underneath “Ways to prove who you are.”
Consider changing your account password (however perhaps not)
Microsoft now gives passwordless accounts. You can take away your account password on the “Manage how I sign in” web page just by clicking “Turn on” underneath the Passwordless account part.
If you do that, your account received’t have a password anymore and also you’ll have to authenticate utilizing an alternate technique going ahead. Alternative strategies embrace the Microsoft Authenticator app or device-based Windows Hello biometrics.
Chris Hoffman / Foundry
Personally, I haven’t made the leap but. With two-step verification enabled, attackers already want each your password and one thing else (like your cellphone) to check in. Plus, there are nonetheless restoration processes which will let an attacker acquire entry to your account through SMS or e mail, so passwordless isn’t as locked-down as it would sound.
And I’m cautious of the potential incompatibilities {that a} passwordless account can have when when signing into my Microsoft account in, say, older purposes. Passwordless accounts in all probability are the longer term, however it’s not absolutely baked but. Up to you if you wish to dive in or wait.
Clean up your exercise historical past
Microsoft retains tabs in your “activity history,” that means how you utilize its apps and companies, the way you browse, and the way you search. If you care about your privateness, you in all probability wish to clear that up.
To do this, click on the “Privacy” tab and search for the choices underneath “Empower your productivity,” reminiscent of “Browsing and search.” You can click on an entry within the checklist after which click on “Clear all activities” to erase all the things in that class.
After you do, Microsoft will ask in the event you’d wish to mechanically clear the info on a rolling foundation, guaranteeing Microsoft isn’t storing a decade’s value of all those accidental Bing searches you carried out whenever you truly meant to launch an app from the Start menu.
Prune your gadgets checklist
Microsoft remembers all of the PCs and Xboxes you’ve signed into. To see this checklist, click on “Devices” within the sidebar. You may even discover a system remotely in the event you’ve activated the “Find my device” function on it—assuming the distant system has an web connection and is powered on.
There’s a superb probability you might have an extended checklist of gadgets you now not personal right here—even in the event you don’t review laptops professionally like I do! It’s value going by way of the checklist and eradicating those you removed years in the past.
Check latest sign-in exercise, too
While you’re poking round in your Microsoft account settings, go forward and verify your latest account sign-in exercise. To discover it, click on “Security” within the sidebar after which click on “View my sign-in activity.”
Chris Hoffman / Foundry
Check the entries right here and confirm there isn’t something you don’t acknowledge. If you don’t see something out of the extraordinary, your account is probably going safe and hasn’t been compromised. But in the event you see something bizarre, it’s time to lock down your account safety additional.
To do this, click on the “Secure your account” hyperlink underneath “Look unfamiliar?” and Microsoft’s web site will stroll you thru the method of adjusting your password and adjusting safety settings.
Account settings typically disguise surprises
I used to be startled by a number of the issues I discovered when digging by way of my Microsoft account settings—like that third-party information sharing possibility, which occurred to be activated by default!
It’s a superb reminder that we ought to be recurrently reviewing account settings for all our necessary on-line accounts.
For extra firsthand PC explorations, experiments, and ideas, subscribe to Chris Hoffman’s e-newsletter: The Windows Readme.