Share via

Somebody have an access to my account illegally

Ari Sebban 0 Reputation points
2026-03-08T15:22:36.2933333+00:00

I'm receiving a login notification that isn't mine. I've already changed my password, but it's still happening.

I know the location.

What could I do?

Thanks

Outlook | Web | Outlook.com | Account management, security, and privacy
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. EmilyS726 222.4K Reputation points Independent Advisor
    2026-03-09T02:44:27.7733333+00:00

    Go to your Microsoft account online https://account.live.com> Sign in > Your info > Sign in preference. Add an alias - You have two options here: Create new: this will allow you to use the native domain outlook.com to create a new alias. Add existing: this will allow you to add a 3rd party email address, such as yahoo, gmail, as long as they are not already associated with another Microsoft account. Once added, make this new alias your primary alias, do NOT delete the old alias. Then at the bottom, click on "Change sign in preference". On the next page, uncheck the box for the old alias. This means, from now one, the old alias cannot be used to sign into your Microsoft account, but it can be still used to receive emails, etc.

    0 comments
  2. Winnie-B 7,180 Reputation points Microsoft External Staff Moderator
    2026-03-09T00:45:30.2766667+00:00

    Hi Ari Sebban

    Thanks for reaching out to the Microsoft Q&A Forum. I’m sorry you’re still getting those sign-in notifications. Even after changing password, repeated alerts can happen if someone is continuously attempting to access the account (or if an old session/app still has access).

    To avoid repeating what’s already in the Q&A Assist reply, could you let me know if you've already tried those steps? If yes, did you run into any difficulties?

    If you haven't done this yet, please try the following steps to secure your account:

    Could you also confirm: On the Recent activity page, do you see any successful sign-ins from that location/ device, or are they all unsuccessful attempts?

    For more details, you can see this official guide: How to help keep your Microsoft account secure - Microsoft Support

    Please feel free to let me know how it goes and thank you so much for your understanding.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".    

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  3. Q&A Assist
    2026-03-08T15:22:49.5966667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Take the following steps immediately to secure the account:

    1. Review recent sign-ins and activity
      • For a personal Microsoft account, go to the Security basics page and open the Recent activity page.
      • For a work or school account, sign in to My Account and select My sign-ins.
      • Expand each sign-in and verify the details (location, IP address, device, browser/app). Mobile networks can show misleading locations, so also check device and app details.
      • For any activity that is not recognized:
        • On a personal account, in the Unusual activity section select This wasn't me or Secure your account when available.
        • On a work/school account, treat it as a possible compromise and continue with the steps below.
    2. Change the password again from a clean device
      • From a device that is trusted and known to be malware-free, go to the Security basics page and select Change password.
      • Set a strong, unique password not used on any other site.
    3. Update and strengthen security info
      • On a personal account, from the Security basics page review and update security info (phone numbers, alternate emails). Remove anything not recognized.
      • On a work/school account, go to Security info and verify all methods. Remove unknown methods and add at least one strong MFA method (for example Microsoft Authenticator).
      • Turn on two-step verification (personal account) or ensure MFA is enforced (work/school account). This prevents access even if the password is known.
    4. Sign out everywhere and remove suspicious access
      • Use the Microsoft account security settings to sign out of all active sessions where available.
      • Check for any permissions granted to apps that are not recognized (for example, “Permission given to an application” entries on the Recent activity page) and revoke them.
    5. Continue to monitor sign-ins
      • Regularly review the Recent activity or My sign-ins pages for a while.
      • If new successful sign-ins appear from locations, devices, or apps that are not recognized, immediately change the password again and review security info.

    If the login notifications are unsuccessful sign-ins only, this can also mean someone is trying to guess the password. In that case, changing the password and enabling multi-factor authentication is usually sufficient; with MFA enabled, even a guessed password is not enough to access the account.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.