No, does not necessarily mean your password was compromised, but that your email address was at least known/obtained. You can check if your email was a part of any data breaches, many password manager apps have this as a paid feature or you can go to websites such as https://haveibeenpwned.com/
Unsuccessful Sign-in - Request Denied in App - Password compromised?
I recently had a Microsoft Auth request come to my phone, one of the ones with the 3 numbers to choose from. This did not come from me, and after checking on the security page, it was not a familiar IP or location (it was out of my country). The only session activity it gives is
Request denied in app."
My question is, does that mean for a fact that my password has been compromised? I recently changed it to a new, strong, unique one, so I doubt that to be the case, but I cannot find any resources stating ways to trigger the auth without having a password entered.
Same thing here, also highly unlikely my password would have been guessed or brute-forced. I used a VPN to login from a new location and after only entering my email I got the same 3 number popup thing, also tried on another computer, same popup. Somewhat relieving, but very weird that it would work that way since your email very likely will be leaked sooner or later(mine is very old so it's in multiple leaks.) and all other 2FA logins like these I have used do not send these prompts unless you enter the correct password.
Sign in to comment