A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
The repeated, unsolicited prompts in Microsoft Authenticator are not caused by a data leak in the app. They are typically the result of someone repeatedly trying to sign in to the account using the correct username but guessing or reusing a password. Because the account is protected with multi-factor authentication, those sign-in attempts generate “Are you trying to sign in?” prompts.
According to the guidance, if an unrequested prompt appears, it may be because:
- Someone is trying to access the account.
- Someone accidentally entered the wrong phone/email when trying to sign in.
- A previously requested prompt was delayed in delivery.
Any request that was not initiated must be denied. Without the correct response in Authenticator, attackers cannot complete the sign-in and the account remains protected.
To reduce risk further:
- Continue to deny all prompts that were not initiated.
- Ensure the account uses a strong, unique password and multi-factor authentication.
- Review account security and recent activity to confirm there is no successful unauthorized access.
There is no indication in the provided material of a known “data leak” in Microsoft Authenticator or a pending patch specifically to stop such prompts; the prompts are a security control indicating blocked sign-in attempts, not a defect in the app.