Microsoft added three new security features for accounts, which is good, but you can sign-in to Windows 8.1 without having a Microsoft email account tied to it. Microsoft recently added three new security features to customer accounts: account recovery codes, recent account activity and more control over security notifications. After we look at that, we’ll look at how to change your Windows 8.1 account to a local account without being tied to a Microsoft account, or any email address.Account recovery codesThousands of people each day enable an extra layer of protection for their account by activating two-step verification, explained Microsoft Account Group Program Manager Eric Doerr. But there are times when people lose access to their security info, so that’s why Microsoft “created a secure recovery code, which can be used to regain access to your account.”“Because two-step verification setup requires two verified pieces of security information, like a phone number and email address, it will be a rare occasion when both options fail, but in the event they do, we’ve got you covered,” said Doerr. But it obviously happened often enough that it made it into the two-step verification FAQ. At any rate, now “anybody can add a recovery code to their account (even if you don’t turn on two-step verification). Your recovery code is like a spare key to your house – so make sure you store it in a safe place. You can only request one recovery code at a time; requesting a new code cancels the old one.”Recent account activity The option to view your recent account activity will allow you to see when your account was accessed. If you see a login that wasn’t made by you, or an unknown IP addy accessing your account, then you can click on that sign-in or account change notification to report it via hitting the “This wasn’t me” button. There are numerous activities reported, ranging from successful sign-in, password changed, two-step verification turned off, to alias added or deleted.As you can see from the example picture, this page displays different types of activity, including successful and unsuccessful sign-ins, the addition and deletion of security information and more. For each type of activity, we show you what kind of device and browser was used, and what location the request came from, including a handy map from our friends at Bing.More control of security notificationsLastly, the security option under your Microsoft account settings will now allow you to choose how Microsoft notifies you for suspicious or unusual logins.Change Windows 8.1 passwordIf you haven’t enabled two-step verification, then you really need to. In Windows 8.1, for example, your Microsoft account password is likely tied to your Microsoft email account. I recall thinking Hotmail, are you flipping kidding me? An online site that script kiddies in kindergarten can hack? But Microsoft says you don’t have to use a Microsoft account to setup flavors of Windows 8.If you want to change the password on your Windows 8 – 8.1 PC, then swipe from the right to left if you’re using a touch-enabled device, or move your mouse to the upper right corner to open the Charms menu. Select SettingsOr you could simply use the keyboard shortcuts of Windows logo key + I to open Settings. Then select Change PC settings.You can change the password via Change PC settings > Accounts > Sign-in options.Change Windows 8.1 to local account with no Microsoft email account Although there are other ways to change your password, going through Accounts is also how you create a new local account not associated with Microsoft in case you want that.Settings > Change PC settings > Account > Other accounts > Manage other accounts > Add an account.You might note, however, that after Adding an Account, at the bottom of “How will this person sign in” screen, you see “Sign in without a Microsoft account (not recommended).” Click on that and Add a user Local account option magically appears.If you create a Local account, then it’s a normal Windows login account that does not require you to have a Microsoft account, or an email account tied to it. 😉 Related content news Dow Jones watchlist of high-risk businesses, people found on unsecured database A Dow Jones watchlist of 2.4 million at-risk businesses, politicians, and individuals was left unprotected on public cloud server. By Ms. Smith Feb 28, 2019 4 mins Data Breach Hacking Security news Ransomware attacks hit Florida ISP, Australian cardiology group Ransomware attacks might be on the decline, but that doesn't mean we don't have new victims. A Florida ISP and an Australian cardiology group were hit recently. By Ms. Smith Feb 27, 2019 4 mins Ransomware Security news Bare-metal cloud servers vulnerable to Cloudborne flaw Researchers warn that firmware backdoors planted on bare-metal cloud servers could later be exploited to brick a different customer’s server, to steal their data, or for ransomware attacks. By Ms. Smith Feb 26, 2019 3 mins Cloud Computing Security news Meet the man-in-the-room attack: Hackers can invisibly eavesdrop on Bigscreen VR users Flaws in Bigscreen could allow 'invisible Peeping Tom' hackers to eavesdrop on Bigscreen VR users, to discreetly deliver malware payloads, to completely control victims' computers and even to start a worm infection spreading through VR By Ms. Smith Feb 21, 2019 4 mins Hacking Vulnerabilities Security Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe