Share via

Excessive Forced Password Changes & Account Lockouts

Robert Ostrum 0 Reputation points
2026-03-27T19:01:46.24+00:00

Every time I attempt to login I get a message stating I had too many attempts to login and have to change my password. Is there anyway I can find out who, what or where these login attempts are coming from? If I check my recent history of login attempts they all should either successful login or successful password change. I don't see any failed login attempts

Outlook | Web | Outlook.com | Account management, security, and privacy
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. EmilyS726 223.5K Reputation points Independent Advisor
    2026-03-27T19:39:23.32+00:00

    Hello

    Do you use your account on more than one device?

    If so, please make sure you do not use VPN on any of the devices. I often found those with VPN running into this issue.

    If VPN is not used, make sure there's no VPN or proxy on the internet router itself. You can try a different internet connection, such as your phone hotspot, and see if it still keeps asking for password change.

    0 comments
  2. Q&A Assist
    2026-03-27T19:02:12.0166667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    The sign-in history that is visible to the account owner only shows certain events and may not list every failed attempt, especially if they are filtered or grouped. To understand where sign-in attempts are coming from and respond to possible attacks, use the official “recent activity” and “security” views and then secure the account.

    1. Check recent activity for the Microsoft account
    • Go to the Recent activity page for the Microsoft account: See your recent activity.
    • Review the list of sign-ins and security events for the last 30 days. This view shows:
      • When the account was signed in.
      • Device or app information.
      • Location/IP-based information.
    • If anything looks suspicious (locations, devices, or apps not recognized), select Secure your account from that page to start the guided remediation.
    1. Use the Security basics page
    • Go to the Security basics page: https://account.microsoft.com/security.
    • Select Review activity to open the Recent activity page.
    • If there is activity that definitely was not performed by the account owner:
      • For items in the Unusual activity section, expand the event and select This wasn’t me.
      • For items in the Recent activity section, expand the event and select Secure your account.
    • Follow the prompts to change the password and review security settings.
    1. Understand what you can and cannot see
    • The Recent activity page is designed to show “significant events that could impact account security,” not every single failed attempt. If the same device/location signs in repeatedly, only the first sign-in might be shown.
    • Some automated or blocked attempts may not appear individually, even though they can trigger protective measures such as temporary lockouts or forced password changes.
    1. Strengthen account security
    • If there is any sign that someone is trying to guess the password or access the account:
      • Change the password from the Security basics page and choose a strong, unique password.
      • Update security info (phone, alternate email, and other verification methods) at the Security settings or Security info pages referenced in the documentation.

    These steps provide the maximum visibility that Microsoft exposes to end users (locations, devices, and apps) and the supported way to react to repeated lockouts or suspected attacks.

    References:

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.