Protecting data when sharing computers or accounts

When you sign in with an email address that you use to access other Microsoft products, you can take advantage of additional security features. These features make it more difficult for a hacker to sign in, even if they have learned your password.

• Identification using a security code. When you access sensitive Microsoft account information or make changes (for example, your password), you’ll be asked to enter a security code that will be sent to your phone or an email address. After you enter the code, you can access and manage your information.
• Two-step verification. If you turn on two-step verification, you will be required to enter a security code whenever you sign in to Microsoft account, unless you are signing in on a "trusted device." Learn more about two-step verification and trusted devices.

If you haven’t started using an email address to sign in to Microsoft Advertising, you should make the change soon.

We know people sometimes share sign-in information, but this practice is not recommended for a number of reasons:

• Security. When everyone is sharing the same sign-in information, it can be difficult to keep your Microsoft Advertising accounts secure, particularly when people transition in and out of a company.
• Privacy. If you are signing in with an email address, you need to remember that the email address has personal information associated with it (for example, a telephone number and birth date). The email address can also be used to sign in to other Microsoft products that coworkers probably wouldn’t want to share (for example, Outlook, Skype, Xbox LIVE).
• Change history. If you want to look back and see who made which changes to an account and how those changes impacted performance, each user will need to sign in with a different user name or email address.

• Lock devices, company routers, and online accounts with strong passwords or PINs. Strong passwords are long phrases or sentences and mix capital and lowercase letters, numbers, and symbols.
• Use a unique password on each account or device containing personal or business data. Change those passwords regularly.
• Don’t disclose passwords or PINs to coworkers.

Here's more information on how to create a strong password.

• Strengthen your computers’ defenses:
  • Keep all software current with automatic updating (or follow the directions of your IT department).
  • Install legitimate antivirus and antispyware software.
  • Never turn off your firewall.
  • Use flash drives carefully to minimize the chance that you’ll infect your company network with malware.

• Don’t be tricked into downloading malicious software. Think carefully before you open attachments or click links in unusual email, text, or instant messages (IM), on social networks, or in random pop-up windows. If you’re unsure if a message is legitimate, even if it’s from a coworker, contact the sender, ideally using a different device and another account.

• Don’t put confidential information in email, instant, or text messages; they may not be secure.
• For the most sensitive transactions, such as Automated Clearing House (ACH) payments and payroll, consider using a dedicated computer not used for email or web browsing.
• Treat all public Wi-Fi networks as a security risk. Never make financial and other sensitive transactions on any device over public wireless networks.