Share via

possible token theft microsoft account

technologyresearcher 0 Reputation points
2026-02-13T20:18:37.9733333+00:00

since any time now I receive attempts on my microsoft authenticator regarding my outlook email address.

I get them daily mostly like once or twice a day.

I figured that when you get a 2fa attempt hackers are passed your password, I did change my password but i still get the attempts, as far as I know i'm only logged in onto my pc and on my phone + my browser is set to delete all cookies after closing.

This leaves me the options that it might be token theft.

authenticate gives you the country where it was originated from but the security dashboard only show active logins not failed attempts anymore to originate an ip-address.

Is there anything I can do or is there to fully revoke tokens?

Microsoft Security | Microsoft Authenticator
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. kagiyama yutaka 1,165 Reputation points
    2026-02-15T20:48:46.4466667+00:00

    I think that those daily prompts usually mean an old refresh token is still being replayed somewhere… changing the password doesn’t stop those.

    what’s worked for me is going to https://mysignins.microsoft.com/security-info and doing a full “sign out everywhere” and it forces all tokens to be re‑issued and stops the prompts.

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.