Share via

How to remove unauthorized users?

Karen Houtz 0 Reputation points
2026-04-06T14:38:31.8966667+00:00

Please tell me how do you remove unauthorized users?

Windows for home | Windows 10 | Security and privacy
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Sin-D 9,180 Reputation points Microsoft External Staff Moderator
    2026-04-08T03:25:13.53+00:00

    Hi Karen Houtz,

    I understand how worrying it is to see unauthorized users on your Windows device. Have you already tried the Q&A Assist suggestions? In addition, please try the following.

    Could you please clarify where you are seeing these “unauthorized users”?

    For example:

    1. Are you seeing extra accounts listed in “Settings” > “Accounts” > “Other users”?
    2. Or are you seeing unfamiliar names on the Windows sign‑in screen?
    3. Or is this related to Microsoft account security activity (sign‑ins shown at https://account.microsoft.com)?
    4. Or is this a shared PC that others have used before?

    If the extra users appear on the sign‑in screen or under account settings, follow these steps:

    1. Open “Settings”
    2. Go to “Accounts” > “Other users”
    3. Under “Other users”, review the list
    4. Select any account you do not recognize
    5. Click “Remove” > “Delete account and data”

    Warning: Removing an account will permanently delete that user’s local files on this PC. Make sure the account truly does not belong to you or another household member.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".    

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

  2. DaveM121 866.2K Reputation points Independent Advisor
    2026-04-06T15:12:08.7866667+00:00

    Please provide full details on your requirements.

    Where in Windows 10 are you seeing unauthorised users, please provide a screenshot of that.

    0 comments
  3. Q&A Assist
    2026-04-06T14:38:44.62+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Unauthorized users in Microsoft 365 services are typically handled by restricting or removing their ability to send email or access resources, and then cleaning up their accounts or permissions.

    For email scenarios where a user is sending spam or is compromised and gets blocked:

    1. Confirm the account is secured
      • Follow the guidance in "Responding to a compromised email account" to regain control of the account before unblocking it. This includes resetting the password and enabling multi-factor authentication (MFA).
    2. Remove the user from the Restricted entities list (if they were blocked for outbound spam)
      • Go to the Microsoft Defender portal: https://security.microsoft.com.
      • Navigate to Email & collaboration > Review > Restricted entities, or go directly to https://security.microsoft.com/restrictedentities.
      • Locate the user with Entity = Mailbox.
      • Select the checkbox next to the user and choose Unblock.
      • In the Unblock user flyout:
        • Review the Overview and Recommendations to ensure the account is no longer compromised.
        • On the Unblock user page, use the Enable MFA and Reset the user's password links if not already done.
        • Select Submit, then confirm with Yes.
      • Restrictions are normally removed within one hour (up to 24 hours in rare cases).
    3. Alternatively, manage restricted senders with PowerShell
      • Connect to Exchange Online PowerShell.
      • List blocked senders: 
             Get-BlockedSenderAddress
      • View details for a specific sender: 
             Get-BlockedSenderAddress -SenderAddress <emailaddress> | Format-List
      • Remove a blocked sender: 
             Remove-BlockedSenderAddress -SenderAddress <emailaddress>
    4. For offboarding or fully removing a user’s access to organizational resources
      • Use Microsoft Entra PowerShell to:
        • Revoke all refresh tokens so existing sessions are invalidated: 
                 Connect-Entra -Scopes 'Directory.AccessAsUser.All'
       Revoke-EntraUserAllRefreshToken -UserId '******@contoso.com'
        • Disable the user account so they can’t sign in: 
                 Connect-Entra -Scopes 'User.ReadWrite.All'
       Set-EntraUser -UserId '******@contoso.com' -AccountEnabled $false
        • Reset the user’s password (for security containment): 
                 Connect-Entra -Scopes 'Directory.AccessAsUser.All'
       $securePassword = ConvertTo-SecureString 'Some-strong-random-password' -AsPlainText -Force
       Set-EntraUserPasswordProfile -ObjectId '******@contoso.com' -Password $securePassword

    These steps remove or restrict unauthorized users’ ability to send email and access organizational resources, and help ensure compromised accounts are secured before being restored or fully offboarded.

    References:

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.