Microsoft Accounts—the credentials used for Hotmail, Outlook.com, the Windows Store, and other Microsoft services—will soon offer two-factor authentication to ensure that accounts can't be compromised through disclosure of the password alone.

Revealed by LiveSide, the two factor authentication will use a phone app—which is already available for Windows Phone, even though the two-factor authentication isn't switched on yet—to generate a random code. This code must be entered alongside the password.

For systems that are used regularly, it's possible to disable the code requirement and allow logging in with the password alone. For systems that only accept passwords, such as e-mail clients, it appears that Microsoft will allow the creation of one-off application-specific passwords.

When this feature is finally enabled, it will bring Microsoft Accounts in line with comparable facilities already available for Google, Facebook, PayPal, and most recently, Apple accounts.

Curiously, this is the second two-factor scheme for Microsoft Accounts. Certain sensitive operations, such as trusting a new PC to enable it to sync passwords, can already work with two-factor authentication, using a random code sent by text message rather than an app. Why this scheme was not simply extended to cover logging in is presently unclear.