Today I was looking for a best practice or a recommendation on how to use the alternate email address option, which is available on accounts with administrative permissions. You can find this information when you go to myapps.microsoft.com and click on your profile.
When I asked around a little bit, a common answer I got was: “I just use my private email address for this purpose”. Yeah, quite simple, but do you think that is a good idea?
I would rather use an email account created only for this purpose, because using a private mail account could have an impact on your security.
When an attacker has gotten hold of your mobile phone, he can easily pass the second verification step (the first being gaining access to your private mailbox) by answering the call from Azure/Microsoft.
What do you think could be a better solution to this question?
Feel free to share your opinion in the comments, or write to me on Twitter.