Background: Understanding Microsoft Work And Personal Accounts
Tip: How To Change The Login For Your Microsoft Account (And Why You Should)
Last week Microsoft candidly acknowledged that it has created a confusing and frustrating tangle with its two identity systems – personal Microsoft accounts and business Office 365 accounts. According to Microsoft, four million people use the same email address to log into their personal Microsoft account and their business Office 365 mailbox. That has worked out so badly that starting immediately, anyone with a business Office 365 email address will be blocked from using that address to set up a Microsoft account. In the longer term, Microsoft is working on building a “converged identity system” – basically a way to let the two accounts be linked behind the scenes so you’re not presented with confusing choices as often. No relief will come quickly; as Microsoft puts it, “It’s a complex area and lots of work remains to be done.”
Long-time readers have already heard this story. Many of you have two completely different accounts with Microsoft for services that are so separate that they might as well be run by different companies. In a series of branding blunders, Microsoft has made it difficult to understand what account belongs to what service, and has used way too many overlapping names.
The access to each account is an email address and a password. If you use the same email address for both types of accounts run by Microsoft, you are tied up in knots that are very, very hard to untangle.
Briefly, the two identity services are:
• Microsoft account (referred to as “personal”) – used for logging into Windows 10 computers, accessing files in OneDrive (Personal), and licensing Office programs with an Office 365 Home subscription
• Work account (referred to as “work or school,” “organizational,” or recently “Azure AD”) – used for business Office 365 email, accessing files in OneDrive for Business, and licensing Office programs with a business Office 365 subscription
If you use the same email address for both accounts – and many people do – there is no good way to know that two completely different systems are involved. After all, it’s all Microsoft, right?
An example: Microsoft set up two systems for storing files online, each one named OneDrive, with no visual difference between them – yet they are run completely differently behind the scenes and synced to your computer with two completely different sync programs, one of which doesn’t work very well. (Microsoft has been trying for years to create a single sync program that will sync the files in both OneDrive services. It’s not going well.)
The Microsoft division handling the business services is starting to refer to them as “Azure AD,” a name that is completely meaningless to anyone except bleeding-edge Microsoft IT pros. That explains the headline on last week’s article, “Cleaning up the AzureAD and Microsoft account overlap.” It begins with a wink and a nod to IT pros about the dialog screen above, asking users to decide if they’re logging into their “work or school account” or their “personal account.”
“We receive pretty regular feedback about how the split between our cloud identity systems — work/school accounts in Azure Active Directory and personally owned Microsoft accounts (formerly known as “Live ID” accounts) – can make for some pretty confusing user experiences. In particular, we know many of you have pretty strong feelings about this one particular screen.”
I can testify about the “pretty strong feelings.” They involve cursing and gnashing of teeth.
The MS employee in charge of the work to converge the two systems then explains the problem.
“Many users have two or more accounts with Microsoft. A personally-owned Microsoft account (formerly known as Live ID) used to access Skype, Office or OneDrive; and an organizational account (in Azure AD) used to access business services such as Office 365 or Power BI.
“We know from our telemetry data that just over 4M people have a personal Microsoft account with a work/school email address as a username.”
Conclusion: This is bad.
Microsoft will now block you from setting up a Microsoft account using an email address that is also a business Office 365 address. That’s a start but it doesn’t help the four million people already in that position.
If you’re using the same email address for both Microsoft work and personal accounts, get an @Outlook.com email address and use it as your Microsoft personal account. It will significantly reduce the difficulty of keeping track of the two sets of services. Microsoft published instructions about how to do that here, and I wrote an article with more background and specific instructions here.
The Microsoft team has its hands full. There are many Microsoft services aimed at IT pros that require personal Microsoft accounts even though they are clearly work oriented and should be able to be linked to business Office 365 accounts. (Among them: MSDN for developers and Microsoft’s Partner Network.) And those are just Microsoft’s internal problems. There is a huge cleanup task waiting for them when they try to clear up the confusion for end users.
It’s heartening to know that there are teams at Microsoft that understand the problem. I’m not sure the knot can be untangled but any progress will help.
I have two accounts running through 365, one for a school where I help out and one for a University where I study. I have them linked so that I get all my emails in one place, can anyone tell me if I will still be able to do this at the end of October please?
I’m not aware of any changes coming up to the way accounts can be linked. Good luck!
I had Office 2013 already and used my longtime account to sync OneDrive with that. Now I wanted to try Visio (and 365 was advertised as a free trial) and it forced me to make a new account. I made that new account with the same email address as the old account. But now that means I have 2 separate OneDrive locations.
Why Microsoft? Why are Office and Office 365 not able to share an account?
Sorry bob, the error I am actually getting from outlook.live.com is as follows:
An error occurred when you tried to access your mailbox because a server with information about you and your mailbox couldn’t be found.
X-ClientId: B10FCA1D6BEB45268771FD3588166B00
request-id a91f4eb8-499f-449c-a007-410b4ffa3a65
X-OWA-Error Microsoft.Exchange.Data.Directory.ADDriverStoreAccessNonLocalException
X-OWA-Version 15.20.444.16
X-FEServer SYXPR01CA0143
X-BEServer SYAPR01MB2622
Date:1/26/2018 4:19:58 AM
Sounds like it will take some digging to figure out what’s happened to your accounts. Sorry I can’t help. First step: make sure you have your credentials straight by opening up a web browser in incognito mode and logging in to http://mail.office365.com (business) and http://www.outlook.com (personal). It may help you get the basics straight so you can interpret other things that are going on. Good luck!
Hi Bob, great article! Would you know how I can completely remove any trace of a Microsoft account from a Windows 8.1 PC? I believe I have accidentally associated my personal account with my work PC when asked for a login account to Team Foundation Server and now I have all sorts of issues including not being able to even load outlook.live.com as I get the dreaded AD error as follows:
Something went wrong
We can’t get that information right now. Please try again later.
X-ClientId: E621111736FB40879A79512BFF34AE61
request-id 88ac356b-59b6-4284-89c1-c5f4af2427ef
X-Auth-Error ADDriverStoreAccessNonLocalException
X-OWA-Version 15.20.444.16
X-FEServer SYXPR01CA0142
X-BEServer SYAPR01MB2622
Date:26/01/2018 3:42:54 AM
I also can no longer get my email on my Windows 10 Phone which I assume is because of the above error.
I have tried removing my primary email (which my account is based on) from account.live.com, setting another email (my gmail) as primary then deleting the original account and adding it back in and resetting it to primary but it makes no difference – outlook.live.com still crashes and I still can’t download any email via my GoDaddy POP3 service via my account which has always worked before.
Hi! Non-tech end user here. So glad to have come across this, but not positive I understand how to apply this to my a specific situation…
I just started work for a new (micro-small) company. They purchased a new laptop for me. While I do have a MS personal account, I’d prefer to keep all personal stuff off of this laptop. In Windows 10 setup, I chose “I own it” (because there is no org domain to link to). The company owner has given me Office 365 credentials (based on my new company email, karen @xxx.com). I’m stuck at the “Make It Yours” screen where it prompts me to enter a MS account – I’m guessing that I should make something new (i.e., karen @outlook.com) vs using the Office 365 credentials. Any issues with that path? Thanks!
A better option might be to set up a login that is not tied to any MS account – a “local account.” During setup, look for “skip this step” or “I don’t have this information.” (You can also link and unlink personal MS accounts after the computer is set up, in Settings / Accounts.) You can set up a login name and password just like previous versions of Windows.
The advantage of linking to a personal Microsoft account is that various things are synced online or automatically logged in. For example, if you used your personal MS account, you’d be linked automatically to your personal OneDrive files and the computer would sync various settings – wallpaper, IE favorites, a few other things.But if that’s not important, then a local account may be the simplest and best choice.
Right. As you mentioned in a earlier comment, there is no fundamental flaw with having two separate account databases. It actually happens within the same company more often than I think a lot of people realize. I could provide many non-MS examples, both large and small. Unfortunately, in practice it almost always goes sideways to one degree or another because of the way the front-ends and middle-ware are designed. Companies often try to get fancy with SSO or cross-product/market integration after the fact and then find they really haven’t thought things through. I personally feel that MS Corp is on the more severe end of the spectrum when it comes to how poorly they’ve managed and compounded such problems over the years. I tend to put less blame on MS partners because at the end of the day they end up having to work with what MS has given them.
As far as my university example goes, it seems especially egregious given there was already a working SSO setup in the form of Live@edu with the school having password management rights and syncing with the central school systems. It worked very well and I know other schools that felt the same. The fact that the university IT staff had the sense of mind to warn people about this change seems telling. Sure enough, there was a lot of confusion and greatly increased support ticket volume to the university’s help desk. Even if you were a more savvy user, kept track of things, and maybe even understood the MS roadmap driving it all, it was still annoying to have things become disjointed after having been unified. The move from Live@edu to Office 365 didn’t do folks many favors when it came to SSO and product unification in general. I feel like MS not only shot themselves in the foot, but put a lot of effort into designing and manufacturing the gun.
Back in 2013 a family member attending a local university was informed by the school’s IT staff about a systems upgrade. According to the formal announcement they were transitioning from the MS Live@edu product to Office 365. The announcement continued by saying that after the upgrade the student would have two different accounts using the same school email address for logon: One Office 365 account with a password administered by the school’s IT group, just as the Live@edu was; and one new “Personal Microsoft account” for “SkyDrive content, Messenger, and other Microsoft services.” While the passwords would start out the same, it was noted that subsequent changes to the Personal Microsoft account password would not sync with the Office 365 (and thus the school email account password). They closed by stressing that the school would no longer administer the password for the MS services now under the Personal account.
So at least at one point a large educational customer working with MS had this nonsense perpetuated as part of an official roll out/migration! Scale wise the university provided accounts for current students, including continuing ed, along with alumni, faculty, and staff. I imagine that the number of accounts was sizeable. Who knows how long this particular practice went on for. I wonder how many of the aforementioned 4M+ shared ID accounts were created out of formal MS organizational account practices vs. end-user self initiated excursions.
Ouch! And yet, it’s easy to believe. I did that for my clients for a long time. It’s only become apparent recently how much confusion it causes. What a mess!
It’s even worse than you think!
MSDN Requires a Personal Account to activate a subscription. So now I have two accounts with the same email address and one account works on the office network and connects to the office TFS and the other connects to Microsoft’s cloud TFS.
If I sign in to Visual Studio to use MSDN or update SW when I go to grab code from TFS it goes to the wrong TFS. If I DON’T sign in to Visual Studio then I go to the right TFS but cannot download software updates.
This is beyond insane.
MS link: https://www.visualstudio.com/en-us/docs/setup-admin/team-services/link-msdn-subscription-to-organizational-account-vs
I work at a university, do a lot of work at home, and have a lot of personal emails tangled up with my work emails anyway. (I do have a separate consulting account on a 3rd party provider which is more insulated, but ignore that for now.) Given that this work/home situation is unlikely to change soon, is there any reason I shouldn’t just leave things as they are – put up with the stupid “Which account do you want to use?” screen for the foreseeable future – and figure that spending 60 seconds a day responding to the latter is quicker than all the time I would spend fixing the problem some other way? Ie, is anythng bad going to happen if I leave things as they are?
As I understand it, you’re absolutely fine to leave things the way they are. There’s no fundamental flaw in the system; Microsoft is only addressing the confusion that its current system causes. As long as you can keep the accounts straight, there’s no other reason to change your current setup. It seems unlikely that Microsoft will force anyone to change their login credentials for existing accounts.
Thanks for your series of articles on MS identities. It appears that I’m currently trapped with a “personal” account that’s used for the MS Volume License Program (and maybe other services) and my “business” account used for Office 365. I’m a little surprised that it is so hard to them to enable business credentials across the board, but I hope they are able to come up with a good solution to “migrate” my company’s licenses from my personal account to business account when then time comes. I’m tempted to create a new Office 365 address for the personal account just to get rid of the annoying question about which account I want to use.
That’s exactly what I did – create a new personal account with a different address. Make sure you don’t lose anything along the way. A mess, isn’t it? Good luck.
@Amy_Rose_Taylor, per Bruce’s comments, “Microsoft account (referred to as “personal”) – used for logging into Windows 10 computers, accessing files in OneDrive (Personal), and licensing Office programs with an Office 365 Home subscription”. Thus, if you use any of the features noted, the “personal” account is actively used to authenticate and you will be affected and see the new behavior to prompt for an account to use.
Also, Bruce provides a troubleshooting tip by using the privacy mode of your web browser.
Thank you Bruce for blogging about this issue.
The folks at MS are total idiots. I use 4 devices, phone, surface pro 3tablet, work PC, and home PC. My home PC with windows 7 finally died. I bought a new $1,000 Lenovo and now I have been locked out of my tablet and new Lenovo due to this MS account fiasco. In trying to fix this mess I think I wound up with a 3rd Hotmail address and account. I can’t figure out which password goes with which account on which device. It’s a damn shame that I have a 3 day old $1000 lap top that’s totally useless now. Can anybody help me or tell me who I can physically talk with to try and straighten this mess out. My IS folks are perplexed as well.
Thanks for the series of articles on this issue, google supplied me with one of the earlier ones and I have progressed chronologically through another 4 or 5 to this one. It is only mildly relieving to know that MS is capable of eventually recognising it’s own problems and at least starting to address them.
Unfortunately I still cannot figure out why I am affected by this.
I have two accounts with MS, personal is mynickname@outlook.com and O365 business is firstname@mydomain.co.uk.
Whenever I log in to OneDrive through 3rd party apps I get the same login screen.
If I click personal it shows my O365 credentials, but I don’t use these for personal use, I’ve no idea how it got this idea and how to make it forget and to use my outlook credentials.
I must admit I’m a little distracted at the moment so I may be missing something obvious.
The system is too convoluted to give you an easy answer but one tip – your best friend is the incognito/in private mode for your web browser. It lets you go to http://www.onedrive.com and log in to each account in turn to figure out whether your files are in OneDrive (Outlook.com) or OneDrive for Business (work address). If you can get oriented, then you may be able to set up sync apps and 3d party apps with more confidence. Good luck!