Share via

Someone trying to access my account

Christopher Hankins 5 Reputation points
2026-03-02T20:03:13.6433333+00:00

I keep getting request to authorize a login attempts. Ive changed my password and still getting a requests. How do I find out who is trying to log into my account. I keep denying these attempts and want to stop this.

Microsoft 365 and Office | Subscription, account, billing | For home | Other
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. EmilyS726 214.8K Reputation points Independent Advisor
    2026-03-02T20:41:14.74+00:00

    Hello,

    If someone knows your email address, they can simply go to microsoft's website, use the forgot password to trigger a verification ask to try to reset your password. This doesn't mean they actually know your password, so changing password won't stop such behavior.

    But you can do this to stop it:

    Go to your Microsoft account online https://account.live.com> Sign in > Your info > Sign in preference. Add an alias - You have two options here:

    Create new: this will allow you to use the native domain outlook.com to create a new alias.

    Add existing: this will allow you to add a 3rd party email address, such as yahoo, gmail, as long as they are not already associated with another Microsoft account.

    Once added, make this new alias your primary alias, do NOT delete the old alias. Then at the bottom, click on "Change sign in preference". On the next page, uncheck the box for the old alias. This means, from now one, the old alias cannot be used to sign into your Microsoft account, but it can be still used to receive emails, etc.

    0 comments
  2. Q&A Assist
    2026-03-02T20:04:28.8633333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    To stop these sign-in prompts and investigate who is trying to access the account, follow these steps:

    1. Review recent sign-in activity
      • For a personal Microsoft account, go to the Recent activity page or the Security basics page and select Review activity.
      • For a work or school account, sign in to My Account and select My sign-ins.
      • Expand each sign-in and check details such as location, app, browser, and operating system. This will show when and from where attempts are being made. Note that locations can sometimes appear inaccurate due to mobile networks or routing.
    2. Mark suspicious activity and secure the account
      • On the Recent activity page:
        • If an event appears under Unusual activity, expand it and select This wasn’t me.
        • If it appears under Recent activity, expand it and select Secure your account.
      • If any sign-in looks unfamiliar, immediately change the password again from the Security basics page and ensure it is strong and unique.
    3. Ensure multi-factor authentication (MFA) is protecting the account
      • For personal accounts, turn on two-step verification if it is not already enabled. This ensures that even if someone has the password, they cannot sign in without the second factor.
      • For work or school accounts using Microsoft Entra multifactor authentication, if repeated attempts continue, contact the organization’s IT administrator so they can review Microsoft Entra sign-in logs for the source of the attempts.
    4. Handle unrequested prompts correctly
      • When an “Are you trying to sign in?” prompt appears that was not initiated, always select Deny.
      • These prompts can be caused by:
        1. Someone actively trying to access the account.
        2. Someone mistyping an email/phone when signing in.
        3. A delayed delivery of a prompt requested earlier.
      • Denying the request keeps the account safe as long as the attacker does not have access to the second factor.
    5. If sign-in attempts are excessive or lockouts occur
      • Microsoft’s systems may temporarily block additional sign-in attempts when unusual or repeated attempts are detected.
      • If locked out after many attempts, wait for the lockout period to expire before trying again, or use a different MFA method if available.
      • If this is a work or school account and malicious activity is suspected, contact the IT administrator to investigate and adjust security settings.

    These steps will not reveal the attacker’s identity, but they will show when and from where attempts are made and will help ensure the account remains secure while the unwanted prompts continue.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.