![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(150.4, 57.99999999999999%, 24%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJC%3C/text%3E%3C/svg%3E)
Outlook | Web | Outlook.com | Account management, security, and privacy
Managing personal Outlook.com account settings, security, and privacy
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(291.2, 38%, 38%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMP%3C/text%3E%3C/svg%3E)
If you received an unsolicited verification code for your Microsoft account, it could indicate that someone is trying to gain access. The safest first step is to treat your account as potentially compromised. Immediately change your password to a strong, unique one that you have not used elsewhere. Make sure it includes a combination of upper and lower case letters, numbers, and symbols. After changing the password, review your account’s security settings and recovery options. Ensure your alternate email addresses and phone numbers are correct, and remove any that you do not recognize.
Enable two-factor authentication if it’s not already on. Microsoft calls this “Two-step verification,” and it adds a layer of protection even if your password is exposed. You can enable it through your account security page with Sign in to your Microsoft account -> Security -> Advanced security options -> Turn on two-step verification
Check your account for any recent activity or changes. Even if the email says there was no login, review the sign-in history for unusual locations or devices. If you notice anything unfamiliar, immediately sign out all sessions from the account Security -> Review activity -> Sign out everywhere
Finally, watch for phishing attempts. Emails that appear to be from Microsoft can be faked. Only click links directly from the official Microsoft website by manually typing https://account.microsoft.com into your browser. Do not use links in emails unless you are certain of their authenticity.
You may also consider running a full antivirus and malware scan on devices you use to access the account, since malware could capture your credentials.
If the above response helps answer your question, remember to "Accept Answer" so that others in the community facing similar issues can easily find the solution. Your contribution is highly appreciated.
hth
Marcin