Last week Microsoft candidly acknowledged that it has created a confusing and frustrating tangle with its two identity systems – personal Microsoft accounts and business Office 365 accounts. According to Microsoft, four million people use the same email address to log into their personal Microsoft account and their business Office 365 mailbox. That has worked out so badly that starting immediately, anyone with a business Office 365 email address will be blocked from using that address to set up a Microsoft account. In the longer term, Microsoft is working on building a “converged identity system” – basically a way to let the two accounts be linked behind the scenes so you’re not presented with confusing choices as often. No relief will come quickly; as Microsoft puts it, “It’s a complex area and lots of work remains to be done.”
Long-time readers have already heard this story. Many of you have two completely different accounts with Microsoft for services that are so separate that they might as well be run by different companies. In a series of branding blunders, Microsoft has made it difficult to understand what account belongs to what service, and has used way too many overlapping names.
The access to each account is an email address and a password. If you use the same email address for both types of accounts run by Microsoft, you are tied up in knots that are very, very hard to untangle.
Briefly, the two identity services are:
• Microsoft account (referred to as “personal”) – used for logging into Windows 10 computers, accessing files in OneDrive (Personal), and licensing Office programs with an Office 365 Home subscription
• Work account (referred to as “work or school,” “organizational,” or recently “Azure AD”) – used for business Office 365 email, accessing files in OneDrive for Business, and licensing Office programs with a business Office 365 subscription
If you use the same email address for both accounts – and many people do – there is no good way to know that two completely different systems are involved. After all, it’s all Microsoft, right?
An example: Microsoft set up two systems for storing files online, each one named OneDrive, with no visual difference between them – yet they are run completely differently behind the scenes and synced to your computer with two completely different sync programs, one of which doesn’t work very well. (Microsoft has been trying for years to create a single sync program that will sync the files in both OneDrive services. It’s not going well.)
The Microsoft division handling the business services is starting to refer to them as “Azure AD,” a name that is completely meaningless to anyone except bleeding-edge Microsoft IT pros. That explains the headline on last week’s article, “Cleaning up the AzureAD and Microsoft account overlap.” It begins with a wink and a nod to IT pros about the dialog screen above, asking users to decide if they’re logging into their “work or school account” or their “personal account.”
“We receive pretty regular feedback about how the split between our cloud identity systems — work/school accounts in Azure Active Directory and personally owned Microsoft accounts (formerly known as “Live ID” accounts) – can make for some pretty confusing user experiences. In particular, we know many of you have pretty strong feelings about this one particular screen.”
I can testify about the “pretty strong feelings.” They involve cursing and gnashing of teeth.
The MS employee in charge of the work to converge the two systems then explains the problem.
“Many users have two or more accounts with Microsoft. A personally-owned Microsoft account (formerly known as Live ID) used to access Skype, Office or OneDrive; and an organizational account (in Azure AD) used to access business services such as Office 365 or Power BI.
“We know from our telemetry data that just over 4M people have a personal Microsoft account with a work/school email address as a username.”
Conclusion: This is bad.
Microsoft will now block you from setting up a Microsoft account using an email address that is also a business Office 365 address. That’s a start but it doesn’t help the four million people already in that position.
If you’re using the same email address for both Microsoft work and personal accounts, get an @Outlook.com email address and use it as your Microsoft personal account. It will significantly reduce the difficulty of keeping track of the two sets of services. Microsoft published instructions about how to do that here, and I wrote an article with more background and specific instructions here.
The Microsoft team has its hands full. There are many Microsoft services aimed at IT pros that require personal Microsoft accounts even though they are clearly work oriented and should be able to be linked to business Office 365 accounts. (Among them: MSDN for developers and Microsoft’s Partner Network.) And those are just Microsoft’s internal problems. There is a huge cleanup task waiting for them when they try to clear up the confusion for end users.
It’s heartening to know that there are teams at Microsoft that understand the problem. I’m not sure the knot can be untangled but any progress will help.