You can pretty much stick a file manager interface onto any app you want. But when it comes to actual personal storage apps, be it local or in the cloud, developers could always go further by installing an enhanced-security enclave — where particularly sensitive files can be stored and accessed only through further authentication. Microsoft recently decided to give OneDrive customers such an extra layer, branding it as their own "Personal Vault."

OneDrive users can assign their media — documents, photos, videos, whatnot — to be uploaded directly into their Personal Vault so that they can spend less time on their phone.

On most devices, the extra security comes in the form of several verification methods including a fingerprint or facial scan, a PIN, or a code from an email, SMS, or the Microsoft Authenticator app. Furthermore, on PCs, OneDrive will also use BitLocker to encrypt a portion of the local storage where the Personal Vault files are synced. Access sessions are limited based on browsing inactivity, so users may have to re-authenticate every so often to take a longer look at their assets.

If we want to nitpick here, this isn't two-factor authentication as the verification step does not require two of these factors at once to qualify access. But at the very least, these measures taken together should keep prying eyes away from certain docs, even if they gain physical access to the device. OneDrive will first roll out Personal Vault to Australia, New Zealand, and Canada, then to most other regions by the end of the year.

As a sidecar, Microsoft is also bumping up the OneDrive storage allotment for its $2 monthly subscription from 50GB to 100GB for existing and new users from today. Office 365 subscribers are getting a 2TB storage option and are also getting ad hoc OneDrive add-ons of 200GB for $2 per month or 1TB for $10 monthly. These new offerings are available now.