What you need to know about privacy and security in OneDrive

OneDrive is free online storage that’s built into Windows 8.1 and Windows RT 8.1. Add files from your PC to OneDrive, and then easily access your photos, music, documents, and other files on all the devices you use.

How you can help protect your privacy and security in OneDrive

Create a strong password for your Microsoft Account. You sign into OneDrive with your Microsoft Account. Here is some basic guidance on how to create a strong password for that account. Different sites have different rules for passwords that they’ll accept, but this guidance should work anywhere you need to create a password:

  • Length. Make your passwords at least eight (8) characters long.
  • Complexity. Include a combination of at least three (3) uppercase and/or lowercase letters, punctuation, symbols, and numerals. The more variety of characters in your password, the better.
  • Variety. Don’t use the same password for everything. Cybercriminals can steal passwords from websites that have poor security and then use those same passwords to target more secure environments, such as banking websites. Check the strength of your password.

Manage who can view or edit your OneDrive files. By default, your OneDrive files are available to you, although you can choose to share photos, documents, and other files. To share files or folders, right-click them and choose how you want to share them.

Add security info to your Microsoft account. You can add information like your phone number, an alternate email address, and a security question and answer to your account. That way, if you ever forget your password or your account gets hacked, we can use your security info to verify your identity and help you get back into your account. Go to the Security info page.

Use two-step verification. This helps protect your account by requiring you to enter an extra security code whenever you sign in on a device that isn’t trusted. For more information about two-step verification, see Two-step verification: FAQ.

Back up your OneDrive files. For details about using File History in Windows, see Set up a drive for File History.

For more information about how Microsoft helps keep your files safe in the cloud, see Privacy in OneDrive.

About the Author
Eve Blakemore

Group Manager, Trustworthy Computing

Eve Blakemore is a Group Manager for Trustworthy Computing who delivers consumer guidance around the latest trends in security and privacy. Eve joined Microsoft in 1998 and has worked in corporate and field roles with Microsoft Learning, US Public Sector, Read more »

Join the conversation

13 comments
  1. Anonymous

    Hi, I can no longer access to my hotmail account after following instruction for "Microsoft account security info".

    Please suggest who can I contact? Thank you.

  2. Anonymous

    Microsoft Essentials does not "turn on" when I start my computer. I have to manually open the program. When I turned on my computer, Essentials has always turned blue but now the icon stays red.

    I have updated the "virus definitions" and run full scan several time recently but the problem continues.

  3. Anonymous

    This is not related to the current topic, but, in addition to online security, apparently we need to be concerned about personal security as well. One of your camera cars just pulled up our driveway and turned around behind our house before 9:00 on a Sunday morning.. You should respect private property. We do not all want to be content on your site. I assume you will be distributing ad revenue to all property owners you include in your content?

  4. Anonymous

    Use two-step verification

    Because of this, I lost an account that I had for over 10 years with MS. There should have been a way to deactive this. If  people want to use it, fine by me but do not force us old folks to use things that we do not know how to use. Over 10 years, no hacker broke into my account. Only one that broke it was MS with this. I lost all my contacts and emails. I glad that I had several emails printed and was able to reconnect with people after creating a new account that does not have a two-step verification.

  5. Anonymous

    I can't get into my Microsoft account or my normal e-mail account.  It keeps saying I need a code and starts asking questions that I don't really want to answer for someone or something I don't know.  Is this now going on?  What can I do to get past this.

  6. Anonymous

    For several months now I feel as though I have been under attack from Microsoft in the name of 'security' – it can take me over an hour to access the above address which I have used since 1997 all over the world without any problems until now.  I keep getting sent on circular routes round setting new passwords, opening alternative accounts which are then not recognized , or alternatively told that it already exists and I need to choose one of a number of alternative – all exremely cumbersome alternatives.  HAS MICROSOFT DECLARED WAR ON ME? It certainly feels like it. Can anyone help, please post to the above address, obne day I might be able to access it again and find out what to do… Just occasionally they let me in.

  7. Anonymous

    I can no longer access my emails at all because I am still waiting for a verification code. Posting this on my husbands tablet, please hurry with my code.

  8. Anonymous

    i removed my bookmarks by mistake and dont no my microsoft account nu.i cannot access any of my emails etc and ive tried to get new password but they ask for email address to send the code and i carnt do this as i carnt use any of my emails/please could you tell me how i can resolve my problem

  9. Anonymous

    HI how can i get to my hotmail account when you send a coad to a account i do not now so can you unblock my account and i will be happy thnks nev

  10. Anonymous

    I have had trouble with my live.com acess for the second time in 3 months.  I have  tried to change the alternate e-mail address (which was hacked & closed 3 months ago) but I keepgetting message for a code and that it will take a month.  I have tbe unique ID which was given when I opened acct plus other identifying questions

  11. Anonymous

    The problem is compounded for people who do not have cell phones and/or only one email address. To do security properly in any webmail service, one needs to provide either 1) a CURRENT cell phone number with area code that has text messaging set up (and you know how to use text messaging) OR 2) a CURRENT email address from a DIFFERENT email provider (with a known password) than the one you are trying to get set up.

    Better to have both.

    Keep your cell number current with the webmail account. Keep the password known with the other email provider. Don't let the browser's memory be the only way any password is remembered. Write it down and keep it current. Any software solution can fail.

    The verification code has to be received "somewhere" for one to read it.

  12. Anonymous

    I suggest you use a strong password for example not my Password I use Caps followed by lower case say ABCabc110767* Hotmail only allows 13 characters and sometimes it says just 12. the example 110767 id Marie Curries birthday,  use any no longer than 6 characters  followed by an *  or $, or @,A password that long will take the fastest computers about 3 billion years to decode. Mine would be somewhat like  this ABCabc041439$

  13. Anonymous

    I think the One-drive password and msn mail passwords should be different. Those 2 things should be independent of each other.

Comments are closed.