![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(64, 81%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELH%3C/text%3E%3C/svg%3E)
A Microsoft verification code email that was not requested is typically triggered because:
- Someone is trying to access the account associated with that email address.
- Someone mistyped their phone/email when trying to sign in.
- A code that was requested earlier was delayed in delivery.
Do not use or reply to any verification code that was not requested. Without that code, an attacker cannot complete the sign-in, so the account remains safe.
If there is an old Hotmail/Outlook account that is still active, it is possible the email is related to that account. To be safe:
- Sign in directly (without using any links in the email) by typing
https://account.microsoft.comorhttps://account.live.cominto the browser. - Check recent activity and security info for that account.
- Consider strengthening security by going passwordless and using methods such as Microsoft Authenticator, SMS/Email codes, Windows Hello, or security keys.
If verification codes continue to arrive without being requested, going passwordless can reduce unwanted code prompts and improve security.
References:
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 65%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EEA%3C/text%3E%3C/svg%3E)