![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(57.599999999999994, 62%, 15%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBM%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Identity Manager
A tool for managing user identities, credentials, and access across on-premises and cloud environments
A single-use (verification) code email that was not requested usually means one of the following:
- Someone is trying to sign in to the account.
- Someone mistyped their phone number or email when trying to sign in.
- A code that was legitimately requested earlier was delayed in delivery.
Do not use or reply to any codes that were not requested. Without the code, an attacker cannot complete sign-in, so the account remains protected.
Microsoft support and community moderators cannot see who requested the code or provide that information. To improve security and reduce unwanted codes, enable or move to passwordless sign-in methods such as Windows Hello, Microsoft Authenticator, SMS or email codes, or physical security keys, as described in the passwordless guidance.
If unexpected codes continue, review and harden the account’s security settings and consider going passwordless using the documented steps.
References: