Following in the footsteps of companies such as Blizzard Entertainment, Microsoft reportedly will be getting support for two-factor authentication to Accounts. According to LiveSide.net, account holders will be required to enter a security code generated by an authenticator app on their phone when they log into Microsoft Account. However, devices included in your Trusted PC list, which you can add to via Microsoft account, won't be required to enter a security code to log in.
Two-factor authentication of this type is traditionally used as a way to prevent password theft. Sadly, LiveSide says Microsoft's system won't work with linked accounts, forcing users to unlink accounts before protecting themselves. No official timing has been announced regarding the availability of this feature, but there is already an Authenticator app available in the Windows Phone store. Microsoft, presumably, just needs to turn the feature on at account.live.com.
Microsoft is reportedly already preparing workarounds to anticipated hiccups such as the fact that the Mail app may not work properly with two-step account verification. Using a rumored App password feature, if you have two-factor authentication enabled but you want to access an app or service that doesn't support it, you'll need to generate an app password from Microsoft Account, which you'll then need to enter to use the app or service you're trying to use.
Blizzard Entertainment implemented a similar security structure around the time that Diablo III was released, which was rife with security holes that were regularly exploited by hackers shortly after the game's launch. Since the authenticator was implemented by Blizzard, instances of hacking have decreased drastically.