Microsoft Account - Overview

Overview

Microsoft account allows users to sign in to websites that support this service using a single set of credentials. Users' credentials are not checked by Microsoft account-enabled websites, but by a Microsoft account authentication server. A new user signing into a Microsoft account-enabled website is first redirected to the nearest authentication server, which asks for username and password over an SSL connection. User may select to have their computer remember their login: A newly signed-in user has an encrypted time-limited cookie stored on their computer and receives a triple DES encrypted ID-tag that previously has been agreed upon between the authentication server and the Microsoft account-enabled website. This ID-tag is then sent to the website, upon which the website plants another encrypted HTTP cookie in the user’s computer, also time-limited. As long as these cookies are valid, the user is not required to supply a username and password. If the user actively logs out of their Microsoft account, these cookies will be removed.

Microsoft account offers a user two different methods for creating an account:

1. Use an existing e-mail address: Users are able to use their own valid e-mail address to sign up for a Microsoft account. The service turns the requesting user's e-mail address into a Microsoft account. User may also choose a password of his own choice.
2. Sign up for a Microsoft e-mail address: Users can also sign up for an e-mail account with Microsoft's webmail services designated domains (i.e. @hotmail.com, @live.com, and @outlook.com or any variant for a specific country) that can be used as a Microsoft account to sign in to other Microsoft account-enabled websites.

Microsoft sites, services, and properties such as Windows Live, MSN, Xbox LIVE, Zune, Windows Phone, and Windows 8 use Microsoft account as a mean of identifying users. There are also several other companies that use it, such as the Hoyts website which is hosted by NineMSN.

Windows XP and later has an option to link a Windows user account with a Microsoft account, thus automatically logging users into Microsoft account whenever a service is accessed. Windows 8 also allow users to directly authenticate into their PCs using their Microsoft account, rather than a local or domain user.