Enabling Two Factor Authentication (2FA) improves the security of your Xbox account. With it enabled, to access your account, a code will be sent to your phone. 2FA prevents unwanted logins and prevents your account from being hacked.
There have been many cases of people who had their Xbox accounts hacked and lost hundreds of dollars worth of digital games and products. It’s not always possible to recover a hacked account. The easiest way to prevent that from happening is to improve the security of your Xbox with 2FA. Enabling 2FA on Xbox is not as straightforward as you might expect.
In this article, we will show you exactly how to enable 2FA on Xbox and other measures to keep your account safe from hackers. Remember, certain apps such as Epic Games require separate 2FA methods. In fact, some multiplayer games require 2FA to cut down on hackers.
Let’s get started!
How to Enable 2FA on Xbox: Step-by-Step Guide
Step 1: Sign in to Your Microsoft Account
Head to Microsoft.com and sign in to your account. If you don’t have a computer, you can use the Microsoft Edge browser on your Xbox or a browser on your phone.
Once signed in to Microsoft, click on the Security tab. Here you will see a list of all the security options for your account.
Step 2: Enable Two-Step Verification
If Two-Step Verification is disabled, you will see a button next to Change Password. Click on it.
Here, you’ll see all the options to prove who you are to Microsoft, including other security features.
Scroll down to the bottom, and under Additional Security, there will be an option to turn on Two-Step Verification. Make sure your phone number is accurate!
©History-Computer.com
Step 3: Complete the 2FA Wizard
A short notice will appear explaining what Two-Step Verification is. Click on Next to enable it.
Once enabled, you will receive a recovery code that will help you gain access to your account if it’s compromised. Microsoft recommends printing the recovery code and keeping it somewhere safe.
Continue to enable Sync Settings and set a password for old apps that don’t support 2FA. Finally, click on Finish to complete the process. That’s how you enable 2FA on Xbox.
How It Works
From now on, when you sign in to your Microsoft account from a new device (including Xbox) or an unknown location, a verification code will be sent to your phone. You will need to manually enter that verification code in order to sign in.
If you play on multiple consoles, 2FA may be bothersome because it takes a while to log in. It can be annoying when you want to play couch coop with friends and everyone has to wait for you to sign in to your Xbox account.
We will walk you through some other login security options that are as secure as 2FA but make it easier and faster to log in to your Xbox account.
Using the Microsoft Authenticator App: Steps to Follow
The Microsoft Authenticator App can also be used for 2FA. In fact, it’s easier to use than the traditional 2FA that sends an SMS message with a verification code.
Instead, Microsoft Authenticator will receive the request in the app which you can manually approve either with a password or biometrics. The Authenticator makes it much easier to sign in to your Xbox profile on unregistered devices.
Step 1: Enable Microsoft Authenticator on Your Microsoft Profile
To start, you need to enable Microsoft Authenticator as a sign-in method. Log in to your Microsoft account again, click on the Security tab, and select Advanced Security Options.
Under the list of Ways to Prove Who You Are, you will see the option to add a new way to sign in or verify. A list of options will appear. Select Use an App and you’ll be asked to enter your Microsoft password again.
Click on Get it Now and you’ll be shown a QR code. Leave this page open because you will need to scan that QR code using the Authenticator app on your phone.
Step 2: Download the Microsoft Authenticator App
Head to Google Play or the App Store and download Microsoft Authenticator.
Once downloaded, open the Authenticator app on your phone, allow permissions, and tap on Scan a QR Code. You can also sign in to your Microsoft account using your email and password. The QR code option is faster.
Click on Scan a QR Code and then point your camera at the QR code you have opened on your computer from earlier. It will automatically sync with your Microsoft account and log you in. From now on, when you need to verify a login attempt, you will receive a notification from the Authenticator app that requires approval.
If you don’t have another device, you can simply sign in to the Authenticator app using your Microsoft account details.
Step 3: Enable Biometrics
To approve the sign-in request, you can use your biometrics. If your phone has a fingerprint sensor, enabling biometrics is recommended. It’s a lot more secure than a password and it’s more secure than 2FA.
In order to enable biometrics, open the Authenticator app, tap on the three dots in the top right corner, and select Settings.
Scroll down until you see the option labeled Require Biometrics or PIN, which will allow you to approve requests with biometrics.
©History-Computer.com
You will be asked to confirm with biometrics whenever you use the Authenticator autofill feature for sensitive information.
If you don’t have biometrics on your phone, Authenticator will either ask you to tap Approve or enter a one-time code that it will generate for you.
Using a Passwordless Account: What to Do
As of 2021, Microsoft also provides an option called Passwordless Account which is similar to 2FA but with a few important points.
For starters, it removes the password from your account. You can always add it back at any time. It relies completely on the Authenticator app so make sure you have it installed on your phone. Bear in mind, you still need your email address to use a passwordless account.
The Passwordless option is designed to use features such as 2FA, Authenticator, Windows Hello (Face recognition), Biometrics, Physical Security Key, and other email codes. The codes give you one-time access to your account. Logging in with Biometrics via the Authenticator app is faster.
On Xbox Series and Xbox One, you can use passwordless login methods but not all of them will be available. For example, you can’t use a Physical Key to log in to your Xbox. Windows Hello also doesn’t work natively on Xbox consoles but you can get it to work with a Kinect.
©History-Computer.com
How to Setup Microsoft Passwordless Account: Step-by-Step
Login to your Microsoft account, head to Security, and scroll down to Additional Security. Toggle Passwordless Account On and complete the steps.
Bear in mind, it may sign you out of any device that is using your account, such as Windows PCs, Xbox consoles, etc. You will need to approve the request from your Authenticator app. For example, if you’re game-sharing with a friend, they may need to sign in to your account again.
Once enabled, every time you want to access your Microsoft account (which is also your Xbox account), you can approve the request with the Authenticator app or email codes. It’s more secure than using a password but it’s not always convenient.
To sign in to an Xbox account without a password, press the Xbox button to open the overlay and then tap the right bumper until you reach the Profile & System tab.
Select Add New and instead of typing your email address, select Use Another Device. Tap the B button to close the on-screen keyboard and navigate the options.
Now head to the website (Microsoft) on your phone and enter the displayed code. Approve the sign-in request on your Authenticator app and your Xbox should be good to go. If your Xbox controller is registered to your account, you can also use it to log in to your account on a friend’s Xbox.
©History-Computer.com
Here is a step-by-step video that not only explains what a passwordless account is but also how to set one up:
The Bottom Line
If you’re worried about the security of your Xbox account, increase the security level with 2FA either with text messages or via Authenticator.
We recommend the Authenticator app because it allows you to use biometrics to approve requests which are more secure than text codes. However, it depends on the features available on your device.
