Microsoft is committed to helping keep our customers secure, and we’re thrilled to share that we’re now offering greater security measures for businesses to govern the identities that use their Microsoft Advertising accounts, with a feature known as work account authentication
. This offers businesses the ability to restrict sign-in to only work accounts that are authenticated by Azure Active Directory, Microsoft’s cloud-based identity and access management service.
Starting on Monday, October 21, we’ll be in open beta for this feature for any accounts that are currently not using a third-party tool provider. If you’re interested in participating in the open beta for work account authentication, don’t use a third-party provider, and use Azure Active Directory to authenticate users, please reach out to your account manager. If you don’t have one, you can directly reach us through this survey
, and we’ll get back to you.
What are work accounts?
Work accounts are Microsoft’s corporate identity solution for professional use, allowing users to use their existing work credentials, thereby eliminating the need to have another set of usernames to sign into Microsoft Advertising. This allows businesses to:
You can control the page, branding, and required authentication methods.
- Easily create, edit and remove accounts from their company directory, and have these changes dictate whether their users can access Microsoft Advertising
- Enforce their company security policies for how their users access the platform (such as by two-factor authentication)
- Get a quick view of who can and can’t access their Microsoft Advertising accounts.
On the Users tab, you can enforce that users authenticate with a work account (2), and you can see who can and can’t access their Microsoft Advertising accounts (3).
This means businesses no longer need to periodically audit to make sure users should still have access to Microsoft Advertising, as well as get more granular control over which specific domains should have access. Also, for users, this means they can Single Sign-On
(if it’s supported by their IT department), so they’ll never forget their Microsoft Advertising password, and stay compliant with security policies.
Best practices for account security
We’re excited to be finally offering these enhanced security measures to our Microsoft Advertising customers to continue delivering on our commitment to keep our customers secure. In addition to this work accounts open beta, we wanted to remind users of some account management best practices to help better secure your use of Microsoft Advertising.
For the most secure experience, we recommend you 1) ensure your Microsoft Advertising login password is unique
from other services you use and 2) add two-factor authentication
to your existing accounts. These actions should help reduce the probability of unathorized users gaining access to your account.
Steps to update your password:
- Sign into your Microsoft Account, then select Security.
- Select Change password.
- Type your current password, then type a new password and type it again to verify. If you forgot your current password, you can reset your password.
- Select Save.
Tips for creating a strong and unique password:
- Don’t use a password that is the same or similar to one you use on any other website. A cybercriminal who can break into that website can steal your password from it and use it to steal your Microsoft account.
- Don’t use a single word (e.g. “prince”) or a commonly used phrase (e.g. “Iloveyou”).
- Do make your password hard to guess even by those who know a lot about you (such as the names and birthdays of your friends and family, your favorite bands, and phrases you like to use).
If you haven’t already, please set up two-factor authentication
. It adds an extra layer of protection by presenting an authentication challenge whenever your credentials are accessed from an unrecognized location. For strong two-factor authentication, please select mobile-based verification as your primary means for validation.
If you turn on two-factor authentication and then try to sign in on a device we don’t recognize, we'll ask you for two things:
- Your password
- An extra security code
We can send a new security code to your phone or your alternate email address, or you can get one through an authenticator app on your smartphone. The Microsoft Authenticator app
is recommended as a preferred two-factor authentication mobile option.
Please keep the feedback coming!
We’re grateful for your feedback. It shapes our product. So please keep it coming! For any questions or feedback regarding work accounts, please reach out to your Microsoft Advertising account manager or contact support
. You can also ping us on Twitter
, suggest a feature on the Microsoft Advertising Feature Suggestions Forum
, or send an email to firstname.lastname@example.org