![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(188.79999999999998, 4%, 28%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDK%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Because the hacker turned on 2FA and changed the sign-in details, only Microsoft’s automated recovery tools can be used; support agents cannot bypass them or turn off 2FA for security reasons.
Follow these steps:
- Use the hacked/compromised account troubleshooter
- Go to the official guide for hacked accounts: How to recover a hacked or compromised Microsoft account.
- Start with the Sign-in Helper tool it links to. This will ask for the email/phone and guide through the available self-service options.
- Try standard reset first
- If you can still reach the “reset password” flow, try to reset your password using any recovery email/phone that still belongs to you.
- If none of the verification options are yours anymore, move to the recovery form.
- Fill out the Microsoft account recovery form (ACSR)
- Use the Account recovery form.
- Complete it from a device and location you previously used with this account (home/office) to improve the chances of success.
- Provide as much accurate information as possible (old passwords, contacts, subjects, etc.). Microsoft will review and respond, typically within 24 hours.
- Understand the 2FA limitation
- If you had turned on two-step verification and now cannot access any of the alternate methods (codes, authenticator, phone, email), Microsoft support is not allowed to reset the password or change security info. In that case, recovery is only possible if the automated systems can verify the information provided in the recovery form.
- If the recovery keeps failing
- If the account recovery form and Sign-in Helper both fail and security info has been replaced by the hacker, there is no other supported method to regain access. Microsoft Support cannot override or bypass these protections.
For any future accounts, ensure multiple up-to-date recovery options (email, phone, and recovery codes) are configured so a single compromised factor cannot lock you out.
References:
- How to recover a hacked or compromised Microsoft account
- Help with the Microsoft account recovery form
- My account got hacked - Microsoft Q&A
- my microsoft account has been compromised - Microsoft Q&A
- My personal hotmail account hacked by hacker with authentication app enabled. - Microsoft Q&A
- hello my email was (Moderator note: PII removed)@icloud.com and now its (Moderator note: PII removed)@jerkoffmail.com can please someone help me and the team change it my username in xbox is (Moderator note: PII removed) please help me team and change it - Microsoft Q&A