A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Select Deny on every sign-in request not initiated personally and then harden the account so the attacker cannot succeed.
- Treat the prompts as a possible attack
  - Unrequested prompts can mean:
    - Someone is trying to access the account.
    - Someone mistyped the phone/email when signing in.
    - A delayed delivery of an old prompt.
  - For any request not initiated, always select Deny. Without approval, the attacker cannot complete sign-in.
- Review recent sign-in activity
  - Go to the Security basics page and select Review activity.
  - On the Recent activity page, look for unfamiliar sign-ins:
    - If activity is in Unusual activity, expand it and select This wasn’t me.
    - If it’s in Recent activity, expand it and select Secure your account.
  - This flags suspicious attempts and walks through securing the account.
- Change the password immediately
  - From the Security basics page, select Change password.
  - Set a strong, unique password not used on any other site.
  - Do not share the password with anyone.
- Strengthen sign-in and verification methods
  - Ensure Microsoft Authenticator is the primary method and that only personal devices are registered.
  - Remove any phone numbers, emails, or devices in the security info that are not recognized.
  - Consider going passwordless (for work/school accounts) using methods such as Microsoft Authenticator, Windows Hello, SMS/Email codes, or security keys to reduce reliance on passwords that can be guessed or phished. See How to go passwordless with your Microsoft account.
- If repeated attempts block sign-in
  - Microsoft Entra multifactor authentication can temporarily block sign-in after repeated attempts.
  - If mistakenly making many attempts, wait and try again later or use a different MFA method.
  - If it looks like someone else is trying to access the account, contact the organization’s IT administrator so they can review Microsoft Entra sign-in logs and adjust MFA settings if needed.
- If unusual sign-in alerts continue
  - Keep denying all unrequested prompts.
  - Regularly monitor the Recent activity page and mark anything not recognized as This wasn’t me or Secure your account.
  - Ensure all security contact info (phone, alternate email) is current so alerts and verification codes always reach the correct devices.
As long as unrequested prompts are denied and the account password and security info are secured, the attacker cannot complete sign-in, and Microsoft’s unusual-activity protections will continue to help block unauthorized access.
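For the administrator-side review of Microsoft Entra sign-in logs mentioned above, the following is an added example (not part of the original answer and not Microsoft's code) that flags bursts of failed MFA challenges per user. It assumes records exported in the Microsoft Graph `signIn` shape (`userPrincipalName`, `createdDateTime`, `ipAddress`, `status.errorCode`) and that error code 500121 marks a failed MFA challenge; `find_prompt_bursts`, the threshold and the window are hypothetical choices, and the sample records are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta
# Assumption: AADSTS500121 marks a failed/denied MFA challenge; 0 marks success.
MFA_FAILED, SUCCESS = 500121, 0

def _rec(user, ts, code, ip):
    # Builds a record in the assumed Graph signIn shape.
    return {"userPrincipalName": user, "createdDateTime": ts,
            "ipAddress": ip, "status": {"errorCode": code}}

# Constructed sample data (not real log entries).
SAMPLE = [
    _rec("alice@example.com", "2024-05-01T02:00:00Z", MFA_FAILED, "203.0.113.7"),
    _rec("alice@example.com", "2024-05-01T02:02:00Z", MFA_FAILED, "203.0.113.7"),
    _rec("alice@example.com", "2024-05-01T02:03:00Z", MFA_FAILED, "203.0.113.7"),
    _rec("alice@example.com", "2024-05-01T02:05:00Z", MFA_FAILED, "203.0.113.7"),
    _rec("alice@example.com", "2024-05-01T02:06:00Z", SUCCESS, "203.0.113.7"),
    _rec("carol@example.com", "2024-05-01T10:00:00Z", MFA_FAILED, "192.0.2.9"),
    _rec("carol@example.com", "2024-05-01T10:30:00Z", MFA_FAILED, "192.0.2.9"),
    _rec("carol@example.com", "2024-05-01T11:00:00Z", MFA_FAILED, "192.0.2.9"),
]

def find_prompt_bursts(records, threshold=3, window=timedelta(minutes=10)):
    """Flag users with >= threshold failed MFA challenges inside one window.
    'approved_after' is True when a success follows the burst (prompt may have been approved)."""
    by_user = defaultdict(list)
    for r in records:
        ts = datetime.fromisoformat(r["createdDateTime"].replace("Z", "+00:00"))
        by_user[r["userPrincipalName"].lower()].append(
            (ts, r["status"]["errorCode"], r["ipAddress"]))
    findings = {}
    for user, events in by_user.items():
        events.sort()
        fails = [(ts, ip) for ts, code, ip in events if code == MFA_FAILED]
        start, best = 0, None
        for end in range(len(fails)):
            while fails[end][0] - fails[start][0] > window:
                start += 1  # slide the window forward
            n = end - start + 1
            if n >= threshold and (best is None or n > best[0]):
                best = (n, start, end)
        if best:
            n, s, e = best
            last = fails[e][0]
            findings[user] = {
                "count": n, "first": fails[s][0], "last": last,
                "ips": sorted({ip for _, ip in fails[s:e + 1]}),
                "approved_after": any(c == SUCCESS and t > last for t, c, _ in events),
            }
    return findings
```

A finding with `approved_after` set is the case to escalate first, since it suggests a prompt was approved after the burst.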