Enabling two-factor authentication is a great way to add an additional level of protection to your Microsoft account. Even if your password is stolen, your account is still protected because two-factor authetication requires an additional level of verification to log in. Microsoft calls their version of two-factor authentication "two-step verification" and it works by providing you with a random code that must be entered in additional to your password when you log in. Microsoft offers three ways to generate the verification code. It can be sent via e-mail, SMS message or using a token generator app on your mobile phone.
The first step to enable two-factor authentication on your Microsoft account is to sign in to your account settings by going to the following address https://account.live.com/proofs/manage. After you log in, you will be asked to verify your identity using a text message or a phone call.
Once you reach the "Protect Your Account" screen, click Set up two-step verification.
Now you will be able to select what you want to use for your second level of verification. Select an app, phone number or alternate e-mail from the drop down list. Then follow the on-screen steps for the selected verification type.
When completed a special recovery code will be displayed. Save this code in a safe place. I suggest pricning so you have an "offline" copy so that you can get back into your account in a worst case scenario.
Some Microsoft applications and services do not support two-factor authentication so Microsoft created a nifty work-around called App Passwords that offer a high degree of protection by generating a special password just for a specific application or service. Learn more about how to setup App Passwords here.