It looks like Microsoft is finally getting on board with two-factor authentication for Microsoft Accounts, after leaked images seem to show the feature nestled within the Security info settings tab. LiveSide is reporting that the two-step verification method will require you to enter a code provided by a special Authenticator smartphone app to access your account, in addition to entering your regular account password.
The app, which is already available in the Windows Phone Store, states that you'll be able to easily link your Microsoft Account to the Authenticator app through "scanning a barcode or by manually entering a secret key", and "industry-standard security code generation" has been implemented to keep you secure. A screenshot of the Microsoft Account website indicates an app will be available in the stores for iOS, Android and BlackBerry.
LiveSide is reporting, however, that two-step authentication is not currently compatible with people who have a linked account, as you have to unlink all accounts before having the option to set up two-step. There's also an issue with two-step verification support across some apps that use Microsoft accounts, eg. third-party mail applications, so Microsoft will be providing an "app password" that you can generate on the Microsoft Account website and use instead of your regular password.
As the Authenticator app has already appeared in the Windows Phone Store it looks like two-step verification may be available very soon, although there is no concrete word on when we can expect it, nor have Microsoft officially announced such a feature. It will definitely be a welcome feature to bolster account security though, bringing Microsoft Account authentication up to the same level available currently in Google and Apple ID accounts.