If you use Microsoft services like Hotmail (and now Outlook.com), Xbox Live, SkyDrive, or have a Windows Phone, you already have a Microsoft account. This account can also be used to sign in to Windows 8. In a nutshell, it’s a single account that ties up your devices and services so that you can take advantage of features like settings sync and deep integration between services and apps.
To make the Microsoft account more secure, Microsoft has just announced that you can now (or in the next couple of days if you don't see it now) optionally turn on two-step verification for the entire account (yes, regardless of service or device you’re using). With it enabled, you’ll need to provide two pieces of information (your password and a code sent to your phone or email) whenever you access your account.
For smartphones, there’s an authenticator app to set up; this allows you to receive the two-step verification codes even if the device is offline. Microsoft has released a separate Authenticator app for Windows Phone, but there's no word when the Android and iOS equivalent will arrive. For devices that don’t support two-step verification (such as the Xbox), you can set a password that’s unique to each device or app. For your favorite devices, you can also choose to not ask for security codes after the first time.
However, Microsoft warns that if you ever lose access to your secondary security proof (but not your password), customer support is unable to update it for you. You’ll have to wait for 30 days before you can regain access to your account. If you lose access to both your password and security info, you won’t be able to regain access to your account anymore. So, while enabling two-factor authentication makes your Microsoft account more secure, the onus is on you to keep your account up to date.
The web-based two-step verification setup can be found here.