![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(262.40000000000003, 2%, 35%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAS%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Unsuccessful sign-in attempts from unknown locations usually mean someone is guessing the password or entered the wrong credentials. Since two-step verification with Microsoft Authenticator is already enabled, the account is significantly more protected: even if the password is guessed, the attacker cannot complete sign-in without the second factor.
To stay safe and reduce risk:
- Review recent sign-in activity
- For a work or school account, open the My sign-ins or Recent account activity view (for example via Microsoft Authenticator → account → Recent account activity) and check all sign-ins.
- If any sign-in or attempt is not recognized, change the account password immediately and update security settings.
- Understand unsuccessful attempts
- Unsuccessful sign-ins can simply be mistyped credentials, but they can also indicate an attacker trying to guess the password.
- If there are entries where primary sign-in succeeded but additional verification failed, this means the password was correct but the second factor stopped the sign-in. In this case, change the password and review security info.
- Keep two-step verification and security info up to date
- Keep Microsoft Authenticator configured and working.
- Ensure backup methods (phone/email) on the Security info page are current so sign-in and recovery are always possible.
- If sign-in gets blocked or locked
- Microsoft may temporarily block further attempts if there are many sign-ins or unusual activity. In that case, wait and then try again, or use another MFA method if available.
- If there is suspicion that someone else is trying to access the account, contact the organization’s IT administrator (for work/school accounts) so they can review Microsoft Entra sign-in logs.
With two-step verification correctly configured and monitored, repeated password-guessing attempts alone should not allow others to access the account.
References: