This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(128, 8%, 22%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Hello,
I get "Your single-use code" mails 3-4 times in a day.
The mail says "Someone else might have typed your email address by mistake", but this is another situation. This can not be a typing mistake.
I can't find who try login or from where. Don't you think the system should block the IP who try login but don't enter single-use code?
I don't know if someone is somehow trying these codes in order or using them in a transaction. The activity control page only shows my login process.
In summary, can you detect and block the IP making these attempts? Or can we cancel this single-code operation?
These spams are so annoying. There must be a way to prevent.
Many thanks.
Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(38.4, 18%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETL%3C/text%3E%3C/svg%3E)
Hello, I’m Virginia, a fellow user like yourself.
Sorry to hear you’re experiencing problems.
They may be phishing attempts sent in order to obtain your log in details. Is there any links in the email? If yes & you hover your mouse over them do they show a genuine Microsoft address?
Is there any sign in options asking you to change your password to secure your account?
Hi Virginia,
Thank you for your reply.
Header of the mail looks fine.
| from: | Microsoft account team <******@accountprotection.microsoft.com> |
|---|---|
| date: | Aug 18, 2023, 3:57 PM |
| subject: | Your single-use code |
| mailed-by: | accountprotection.microsoft.com |
| signed-by: | accountprotection.microsoft.com |
| security: |  Standard encryption (TLS) Learn more |
 : |
Important mainly because you often read messages with this label. |
There is no link in it. Here is the full message:
Hi ....@gmail.com, We received your request for a single-use code to use with your Microsoft account. Your single-use code is: xxxxxx If you didn't request this code, you can safely ignore this email. Someone else might have typed your email address by mistake. Thanks, The Microsoft account team
Many thanks.
That’s a genuine Microsoft address so the email is legitimate.
I take it you have 2 factor authentication turned on under your account? Usually these codes are being sent due to someone entering your email address & password but due to 2fa they require the code sent to the registered email address in order to complete the sign in.
Usually there would be an ‘unsuccessful login’ message under the security tab of your account though.
Hi again,
I have authenticator in my phone and when I try to login to my account, it sent a message to my phone (authenticator), not sent any code to my email.
I have check my security tab->Recent activity but there is only 1 record which is the my last login to enter security page :)
"1 minutes ago Successful sign-in Türkiye"
like a joke :)
I dont know why it doesn't list my earlier activities.
"someone entering your email address & password but due to 2fa they require the code sent to the registered email address in order to complete the sign in."
Yes, The system should block the IP after several unsuccessful attempts!..
I have an unique and strong password. Anyway, I'll try to change my password and see what will be happen.
Many thanks.
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more
