Technologies

Doing these 5 things can help you lock down your Microsoft 365 account and keep hackers at bay

Even the US government isn’t immune to hackers compromising its Microsoft Office software. This is how to protect your own Microsoft apps and accounts.

Earlier this year, news broke that foreign hackers had for months been secretly monitoring email accounts and communications between US government officials in charge of identifying foreign threats to national security. The attackers executed their intrusion through malicious code in an IT product called SolarWinds, which allowed them to access the network and break into Microsoft’s email client.

Microsoft released guidance for how organizations can bolster security to attempt to avoid these attacks, and said that it has not identified any Microsoft product vulnerabilities.

There may not be much you can do about the SolarWinds vulnerability or others like it. But if you get your work or personal email through Outlook on Microsoft 365, there are ways to better secure your individual account and avoid hacks. (If you use Windows 10, there are also several security defaults that you can change to better protect your device — many of which will also be available in the upcoming Windows 11.)

Here are five ways to lock down your Microsoft account.

Read more: How to get Microsoft 365 for free

1. Set up multifactor authentication

Multifactor authentication is the best way to protect yourself from someone stealing your login credentials, according to the US Cybersecurity and Infrastructure Security Agency. Basically, it adds an extra layer of security to your account sign-in — for example, you enter your password along with a verification code sent to your phone or provided by an authenticator app.

To set up multifactor authentication (also called two-step verification), go to the security basics page, and sign in with your Microsoft account. Select More security options. Under Two-step verification, choose Set up two-step verification to turn it on and get further instructions.

To set it up on a work Microsoft 365 account, your administrator will have to enable it. Once that’s done, when you sign in with your username and password, you’ll be prompted for more information. Click Next.

The default authentication method is to use the free Microsoft Authenticator app, which you can download on your mobile device. This app gives you a unique code to enter that expires after a certain amount of time.

Or, if you’d rather get a code through SMS message, you can choose «I want to set up a different method.» Microsoft will ask for your mobile number, and send you a text with a six-digit code to verify your account.

2. Protect your password

Never use the same password for multiple accounts. There are lots of great password managers available to help you keep track of all your passwords, including the free LastPass. You should also choose a strong password — one that avoids using common words and is at least eight characters long. Check out our other recommendations for choosing a strong password here.

3. Avoid phishing scams

If you get an email about the security of your Microsoft account, it could be a phishing scam — a type of attack where hackers impersonate a company or someone you know to trick you into revealing personal information like passwords or credit card numbers. These emails often include a link to a malicious website, which you should never click.

The best way to avoid these emails is to know how to spot them — they might have misspelled words, be from a slightly misspelled source (like microsoftsupport.ru or micros0ft.com) or include an urgent call to take action or avoid a threat. If anything looks suspicious, just delete it, or report it by forwarding it to the Anti-Phishing Working Group at phishing-report@us-cert.gov.

4. Protect your apps

On your phone or desktop, only install and run apps from legitimate sources, like the app store for your device. If you’re using Microsoft 365, using Microsoft apps to access those accounts is the most secure choice, according to the company. You should also make sure all apps as well as your operating system are up to date — many updates you get are security fixes, so be sure to install them quickly.

5. Make it easy to recover your account

You can set up your account to make it easy to recover in case all else fails and you do get hacked. To do that, go to the Microsoft security basics page, and add in all the information, like your email address and phone number. Make sure you keep this information up to date to keep your account safer.

For more, check out our security tips if you’re still running Windows 7, how to download Windows 10 free and how to download Windows 11 free.

Technologies

Apple’s AI Health Coach Project May Need a Wellness Check

The company’s ambitious plans to introduce a virtual health coach may be going back to the drawing board, according to a report.

Apple is scaling back and rethinking its ambitious plans to introduce an AI-powered health coach, according to a Bloomberg report by Mark Gurman citing anonymous sources privy to the company’s plans.

The project, known inside Apple as Mulberry, was first reported last year, with the company expected to roll together health-related AI features as a coach or assistant. But now, Bloomberg reports, that project will be broken down into individual features introduced over time, as it has done with tools such as the sleep apnea and hearing tests added to Apple Watch and Apple AirPods.

A representative for Apple did not immediately respond to a request for comment.

Bloomberg’s sources point to a change in leadership over Apple’s health technology. Veteran services head Eddy Cue is overseeing those projects and addressing pressure from competitors pushing into the health space, including Oura and Peloton as well as tech giants like Google and OpenAI, which just launched ChatGPT Health.

(Disclosure: Ziff Davis, CNET’s parent company, filed a lawsuit against OpenAI in April, alleging that it infringed Ziff Davis copyrights in training and operating its AI systems.)

Apple was also said to have built a studio for a revamped health services app that would have included virtual and video wellness instructions, and integration with existing health tools and Apple devices. It is likely that some of that content and software will still be released publicly, just not in one package, according to Bloomberg.

Technologies

Here’s Why Taylor Swift’s Opalite Music Video Isn’t on YouTube Yet

The video is now available on Apple Music and Spotify, but it isn’t landing on YouTube for a couple more days.

YouTube may still be where many people instinctively go to watch music videos, but when Taylor Swift dropped her video for Opalite on Friday, it was noticeably absent from the platform. In fact, it won’t be landing on YouTube until Sunday, two days after its release on other streaming platforms.

So, why is the Opalite music video only available on Apple Music and Spotify Premium right now? It likely has to do with a disagreement between YouTube and Billboard, which ranks the most popular songs and albums of the week.

In December, Billboard shifted its charting methodology so paid and subscription-based streams are weighted even more favorably than ad-supported streams. Billboard started weighting paid streams higher than ad-supported ones in 2018. This most recent shift narrows that ratio from 1:3 to 1:2.5, putting numbers from platforms like YouTube at more of a disadvantage.

Following the change, YouTube posted a statement about its dispute with Billboard, calling the charting company’s methodology «an outdated formula.» It added, «This doesn’t reflect how fans engage with music today and ignores the massive engagement from fans who don’t have a subscription…We’re simply asking that every stream is counted fairly and equally, whether it is subscription-based or ad-supported—because every fan matters and every play should count.»

YouTube said that starting Jan. 16, 2026, its data would «no longer be delivered to Billboard or factored into their charts.»

For artists like Taylor Swift who count on early streams to boost their Billboard rankings, that could make YouTube a less appealing option for debuting new content. So the Opalite video will still be making its way to YouTube, but you’ll have to wait until Sunday, Feb. 8, at 8 a.m. ET to watch it there. Representatives for Swift, YouTube and Billboard did not immediately respond to a request for comment.

YouTube has an ad-supported streaming service as well as a paid one called YouTube Premium. However, even YouTube Premium subscribers can’t see the Opalite music video on Friday. (I’m a subscriber and can confirm it’s nowhere to be found.) According to Statista, in March 2025, YouTube had 125 million paid subscribers across its Premium and Music services. (YouTube Music is included in its Premium subscription.) That pales in comparison with the estimated 2.5 billion total users on YouTube, the majority of whom still rely on that ad-supported offering.

It remains to be seen whether or when YouTube and Billboard will mend their affairs and whether, in the words of Taylor Swift in Opalite, «this is just a temporary speed bump.»

Technologies

Valve Delays Steam Frame and Steam Machine Pricing as Memory Costs Rise

The company says its 2026 release window remains intact, but final prices and dates are still in flux.

Valve revealed its lineup of upcoming hardware in November, including a home PC-gaming console called the Steam Machine and the Steam Frame, a VR headset. At the time of the reveal, the company expected to release its hardware in «early 2026,» but the current state of memory and storage prices appears to have changed those plans.

Valve says its goal to release the Steam Frame and Steam Machine in the first half of 2026 has not changed, but it’s still deliberating on final shipping dates and pricing, according to a post from the company on Wednesday. While the company didn’t provide specifics, it said it was mindful of the current state of the hardware and storage markets. All kinds of computer components have rocketed in price due to massive investments in AI infrastructure.

«When we announced these products in November, we planned on being able to share specific pricing and launch dates by now. But the memory and storage shortages you’ve likely heard about across the industry have rapidly increased since then,» Valve said. «The limited availability and growing prices of these critical components mean we must revisit our exact shipping schedule and pricing (especially around Steam Machine and Steam Frame).»

Valve says it will provide more updates in the future about its hardware lineup.

What are the Steam Frame and Steam Machine?

The Steam Frame is a standalone VR headset that’s all about gaming. At the hardware reveal in November, CNET’s Scott Stein described it as a Steam Deck for your face. It runs on SteamOS on an ARM-based chip, so games can be loaded onto the headset and played directly from it, allowing gamers to play games on the go. There’s also the option to wirelessly stream games from a PC.

The Steam Machine is Valve’s home console. It’s a cube-shaped microcomputer intended to be connected to a TV.

When will the Steam Frame and Steam Machine come out?

Valve didn’t provide a specific launch date for either. The initial expectation after the November reveal was that the Steam Frame and Steam Machine would arrive in March. Valve’s statement about releasing its hardware in the first half of 2026 suggests both will come out in June at the latest.

How much will the Steam Frame and Steam Machine cost?

After the reveal, there was much speculation on their possible prices. For the Steam Frame, the expectation was that it would start at $600. The Steam Machine was expected to launch at a price closer to $700. Those estimates could easily increase by $100 or more due to the current state of pricing for memory and storage.