How can someone log in to my account if I have 2FA on MS Auth

Ferenc Wágner 20 Reputation points
2024-11-09T08:26:23.4533333+00:00

I recently downloaded MS Authenticator on my phone. During the day I get many requests to allow logins. Of course I deny them. Yesterday early morning when I checked my phone I got a security notification on email. I did what MS suggested I do in this situation. But I checked the recent activity tab. It said that there was a successful login from China and from the US.(I'm from hungary) But under devices it only shows me my computers and nothing more.

Anyone experienced the same thing before? What can I do about this issue?

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
7,387 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
22,462 questions
{count} votes

Accepted answer
  1. Harshitha Eligeti 895 Reputation points Microsoft Vendor
    2024-11-11T19:17:59.8133333+00:00

    Hi @Ferenc Wágner   
    Thank you for sharing your issue on Microsoft Q&A. 

    I Understand that your Microsoft account may be under attack, despite having Two-Factor Authentication (2FA) enabled. The unexpected login requests and successful logins from unfamiliar locations, like China and the US, are concerning.   

    In addition to the information provided by akinbade abiola . 

    Even though 2FA blocked unauthorized access, it's possible someone has gained your account credentials. 

    So, I Recommend Changing Your Password Immediately and Use a strong, unique password that you haven't used before. Consider using a password manager to generate and store complex passwords.   

    Check the recent activity section of your Microsoft account for any unauthorized access or changes. Report any suspicious activity to Microsoft. 

    Secure Your Email Account since email accounts are often used for password recovery, ensure that your email account is secured with 2FA as well. Be cautious of phishing emails or messages that may attempt to trick you into revealing sensitive information or login credentials. 

    Feel free to reach out if you need further assistance. 

    Best Regards. 
    Harshitha Eligeti. 

    0 comments No comments

1 additional answer

Sort by: Most helpful
  1. akinbade abiola 20,385 Reputation points
    2024-11-09T21:22:28.7433333+00:00

    This may be be nefarious. As Immediate Actions:

    • Change your Microsoft account password immediately and enable two-step verification if not already enabled
    • Check for and remove any unfamiliar email forwarding rules
    • Check for unfamiliar recovery email addresses or phone numbers on your account

    You can further investigate from the audit and isgn-in logs to see exactly what is happening.

    https://learn.microsoft.com/en-us/entra/identity/monitoring-health/concept-sign-ins

    You can mark it 'Accept Answer' and 'Upvote' if this helped you

    Regards,

    Abiola

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.