Developer account security
We use security info that you provide to raise the security level of your developer account by associating it with multiple forms of identification. This makes unauthorized access to your Microsoft account substantially more difficult. Also, if you ever forget your password or someone tries to access your account, we’ll be able to reach you to reestablish appropriate control of your account.
Security info helps to make unauthorized access to your account substantially more difficult. This info includes:
- Email accounts
- Phone numbers
- Trusted devices
When you sign in to the Windows Store Dashboard, the system requests that you verify your identity. In the case of an email address or a phone number, we send a security code that you must then supply to complete the sign-in process.
We recommend designating PCs that you use frequently as trusted devices. When you sign in from a trusted device, you usually won’t be prompted for a code.
In general, using a trusted device provides the most seamless sign-in experience. See Trusted devices: FAQ for more info.
When you sign in to your account and provide a security code as described above, you’ll see a checkbox to indicate that you sign in frequently on this device and do not want to be prompted for a code. If you select this option, you will no longer be prompted for a code every time you sign in to your Dashboard.
Note Even when you access the Windows Store Dashboard from a trusted device, you may occasionally be prompted to provide a security code in specific situations, or if you haven’t signed in on that device in a long time.
In general, using a trusted device provides the most seamless sign-in experience. For more info about trusted devices, see this help topic.
You must have at least two email addresses and/or phone numbers on your account. We recommend adding as many as possible. Remember that some security info must be confirmed before it will be valid.
Make sure to review your security info frequently to ensure that it’s up to date.
- Create your Microsoft account using an email address that belongs to your company's domain, but not to a single individual—for example, firstname.lastname@example.org.
- Limit access to your company's Windows Store Dashboard to the smallest possible number of developers.
- Set up a corporate email distribution list that includes everyone who needs to access the developer account, and add this email address to your security info. This allows all of the employees on the list to receive security codes when needed to access the Dashboard and to manage your Microsoft account’s security info. If setting up a distribution list is not feasible, the owner of the individual email account will need to be available to access and share the security code when prompted (such as when new security info is added to the account or when the Dashboard must be accessed from a new device).
- Add a company phone number that does not require an extension and is accessible to key team members.
- In general, have developers use trusted devices to access your Windows Store Dashboard. All key team members should have access to these trusted devices. This will reduce the need for security codes to be sent when accessing the account.
- If you need to allow access to the Windows Store Dashboard from a non-trusted PC, limit that access to a maximum of five developers. Ideally, these developers should access the Windows Store Dashboard from machines that share the same geographical and network location.
- Frequently review your company’s security info at https://account.live.com/proofs/Manage to make sure it’s all current.
Your Dashboard should be accessed primarily from trusted PCs. This is critical because there is a limit to the number of codes generated per account, per week. It also enables the most seamless sign-in experience.