![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(137.6, 73%, 23%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESL%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 28.000000000000004%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECK%3C/text%3E%3C/svg%3E)
Hi Stuart little,
Microsoft cannot take direct action on individual IP addresses reported by users (for example blocking or “punishing” a specific IP)
1. Review and mark the activity
Go to Recent activity and:
- Select the suspicious sign‑in
- Mark it as “This wasn’t me”
This feeds Microsoft’s security systems and helps protect your account further
2.Enable Two‑Step Verification (if not already on)
This is the single most effective protection.
- Even if someone gets your password again, they cannot sign in
- Microsoft explicitly recommends this after unusual activity
3. Sign out of all sessions
This is very important if the attacker signed in before you changed your password.
Look for:
- Sign me out from everywhere
- Or Advanced security options
This kills any existing login sessions (including stolen tokens