Unsuccessful Sign-in - Request Denied in App - Password compromised?

nicholas kean 55

Good day!

I recently had a Microsoft Auth request come to my phone, one of the ones with the 3 numbers to choose from. This did not come from me, and after checking on the security page, it was not a familiar IP or location (it was out of my country). The only session activity it gives is
"Session activity
Request denied in app."

My question is, does that mean for a fact that my password has been compromised? I recently changed it to a new, strong, unique one, so I doubt that to be the case, but I cannot find any resources stating ways to trigger the auth without having a password entered.

Dillon Silzer 56,681 Reputation points

2023-01-16T02:00:25.7966667+00:00

Have you registered with Microsoft Authenticator?
Torbjørn Sørli 30 Reputation points

2023-01-24T10:54:08.2566667+00:00

Surprisingly poor information from Microsoft about this. I had the same happen today. My recent activity is showing that there was first an attempt at login with wrong password, then immediately afterwards from the same IP there is a "Request denied in app" entry. My password is long, randomly generated and unique, it is highly unlikely that it has been guessed, but it would be very reassuring to know for sure if/how these requests are triggered without knowing the password.
Oleg 0 Reputation points

2023-06-22T18:44:04.72+00:00

I had a similar thing happen to me today. Anymore information on this?
Endor 6 Reputation points

2023-07-04T01:14:30.9666667+00:00

Same thing here, also highly unlikely my password would have been guessed or brute-forced. I used a VPN to login from a new location and after only entering my email I got the same 3 number popup thing, also tried on another computer, same popup. Somewhat relieving, but very weird that it would work that way since your email very likely will be leaked sooner or later(mine is very old so it's in multiple leaks.) and all other 2FA logins like these I have used do not send these prompts unless you enter the correct password.

4 answers

Jordan Millama 1,326 Reputation points

2023-01-16T07:09:37.4433333+00:00

No, does not necessarily mean your password was compromised, but that your email address was at least known/obtained. You can check if your email was a part of any data breaches, many password manager apps have this as a paid feature or you can go to websites such as https://haveibeenpwned.com/
Please sign in to rate this answer.

1 person found this answer helpful.
nicholas kean 55 Reputation points

2023-01-17T07:11:06.86+00:00

I appreciate the answer! Do you happen to know in what circumstances, assuming I am not logged in to anything currently that would be requesting it, it would trigger? Is there a sign-in method on some Microsoft site or app that has a passwordless sign-in? I am mostly used to MFA being used after you type in a password.

Robert Koharchik 25 Reputation points

2023-01-31T04:40:47.4166667+00:00

I'd like to know this too. Have to change password out of an abundance of caution now until this can be explained.
Sign in to comment
Robert Koharchik 25 Reputation points

2023-01-31T04:28:12.7533333+00:00

I too am curious about this, and the same happened to me. How did my phone receive the request without a password being provided?
Please sign in to rate this answer.

1 person found this answer helpful.

0 comments No comments
Sign in to comment
Jean-Dominique Nguele 5 Reputation points

2023-02-19T10:32:38.29+00:00

The same happened to me a few weeks back so I changed my password but it happened again today so I'm curious as to how this occurred. Is there some vulnerability that allows hackers to access our accounts without using a password at all?
Please sign in to rate this answer.

1 person found this answer helpful.
Robert Koharchik 25 Reputation points

2023-02-26T07:17:43.1433333+00:00

This happened again today. I'm thinking there is for sure some kind of vulnerability. Disturbing and I would appreciate clarification.

TIN PO CHAN 5 Reputation points

2023-04-21T04:07:20.51+00:00

I have the same problem and unable to find any infos from mircosoft, so I decided to remove the app login option in my account setting.
Not sure how mircosoft not seeing this seriously, if you miss clicked the deny and have clicked the right number, the hacker will have access to your account...
Good job Mircosoft.
Sign in to comment
edunaka 0 Reputation points

2023-05-08T03:38:41.08+00:00

This thing is happening to me too, from time to time, no matter if Ichange the password (long and complex). My understanding is the the request would be sent to my phone only after providing the right password.
Please sign in to rate this answer.
Frankie Ruiz 0 Reputation points

2023-07-16T12:43:56.8866667+00:00

Wow, horrible design and communication from Microsoft. I can only hope that it's a way to push someone that has access to the 2FA device into locking themselves out of the account, since they will not have access to the person's email account nor their password.
Sign in to comment

Share via

Unsuccessful Sign-in - Request Denied in App - Password compromised?

4 answers