Create a strong password on your account

Using a simple password that is in a dictionary or the name of your pet dog can be very easy to guess. Create a strong password that includes a combination of uppercase and lowercase letters, numbers, and special characters (for example, #, $, %, ^, &, and *).

Tip: Think of a memorable sentence from your favorite film, book, or song lyric then take the first letter of each word in the sentence, then add meaningful numbers and add special characters to make the password strong. Check here to see how strong your password is.

Add additional security proofs to your Windows Live ID

Proofs are similar to having a spare set of keys to your house. Windows Live allows you to create your own spare set of keys or "proofs" in case you lose your password or access to your account using the following four methods

  • Email addresses are used to support password reset notifications. You can have one or more email addresses associated with your account.
  • Computador is a unique proof that lets you link your Windows Live ID account with one or more of your personal computers. Then, if you ever need to regain control of your account by resetting your password, you simply need to be using your computer and we will know you are the legitimate owner.
  • Mobile number: Adding a mobile phone number can help us verify that this is your account. Also, if you forget your password, you can use this number to reset your password.TIP: We strongly recommend that you set this up now as the primary way of retrieving your account back to you in the event it gets compromised.
  • Secret question If you forget your password, we'll ask for your secret answer to verify your identity. Only you should know your secret question and secret answer. TIP: Use an answer that is completely irrelevant to the question being asked. For example, if your question is "Mothers' birthplace," then use Windows98se as your secret answer.

To add password reset information:

  • Go to the Windows Live Account overview webpage, and then sign in with your Windows Live ID.
  • Under Password reset information, click Add next to the item that you want set up (Email, Mobile phone, Trusted PC, or Question), and then follow the onscreen steps.

Install or update your Virus, Spyware, Malware protection software

Make sure your virus protection software is up to date with the latest updates. If you don’t have any protection software installed we strongly recommend you do so now. Microsoft Security Essentials is free Antivirus software available for download that also protects against spyware and other malicious software.


Do not share personal information

Share your Windows Live ID only with people you know personally. Treat your personal information online the same way you would not share any information with strangers offline. Follow the same rules online as you do in the real world.

Never share any personal details about you or your account

  1. Do not give your full name to strangers over the Internet or over Xbox LIVE. Do not put your full name in your Xbox LIVE profile.
  2. Keep your physical address private. Telling someone what school you go to or what neighborhood you live in can be enough to locate more information about you. Think of all the personal information that you have likely posted to social networking sites such as Facebook, MySpace, or Windows Live Skydrive that someone could use to pose as you. Do not put your full physical address in your Xbox LIVE profile.
  3. Do not give out your Windows Live ID as an email address to strangers. Set up a second email account at which you can use for communication with unknown people, mailing lists, etc. Maintain a strong password on the secondary email account as you do for your primary account.
  4. Do not unnecessarily reveal information about yourself or your accounts. Be wary of anyone asking you for information that they do not need.
  5. Do not share your password or personal information with anyone contacting you who is presenting themselves as a customer support agent or affiliated with Xbox or Microsoft. If you are concerned that the contact might not be legitimate, contact Xbox Support. Microsoft and Xbox will never ask you for your Windows Live ID password in email, through instant messaging, or over the phone. Enter your Windows Live ID password only at known Microsoft sites or through the Xbox console.

Set an Xbox LIVE passcode on your account

Setting an online Xbox LIVE passcode adds an additional layer of security on your account. If you set an Xbox LIVE pass code for your profile, anyone who wants to use that profile must enter the pass code before signing in to Xbox LIVE. Click here to find out how to set it.

Enable Online Safety settings

Xbox LIVE offers a wide variety of online safety and privacy settings so that you can control your Xbox LIVE experience. The default online safety and privacy settings are divided into three age groups: child, teen, and adult. Xbox LIVE determines which default safety and privacy settings to use based on the birthdate that was entered when the Xbox LIVE account was created.

You can, however, customize the online safety and privacy settings to whatever is best for you and your family. Adults can change the default settings on their own account as well as on family member accounts.

Click here to learn how to enable and find out what you can control.

Update your web browser and PC with latest security fixes

To ensure your web browser and computer is up to date with the latest security fixes, check to make sure you have the latest updates from Windows Update.

Check your browser phishing filters are turned on

Enabling these in your web browser helps detect phishing websites and can also help protect you from downloading or installing malware (malicious software) and alert you of any potential scamming websites. Normally these are turned on by default, however it's best to double check:

Internet Explorer: Select the "gear" icon on the tool bar, select Safety, Select Turn On Smart Screen Filter

For all other browsers check the browser's online help.

Trusted Microsoft websites

Is the website an official Microsoft site? Beware of websites which ask for your Windows LIVE account details, especially sites which offer deals that are too good to be true such as offering free Microsoft Points. You can identify common Microsoft sites by the following addresses:


Learn how to identify common types of account theft

Click here to find out more and become more secure online.