Those prompts mean someone or something is repeatedly trying to sign in as that account. The account is still protected as long as the requests are denied, but the activity should be treated as suspicious and the account secured.
Follow these steps:
- Deny every unrequested prompt
  - Continue to select Deny on any sign-in request that was not initiated. Without approval, the sign-in cannot succeed.
  - For Outlook mobile sign-in prompts, this behavior is expected when someone else has the correct email/phone or is guessing it:
    - “If you received an "Are you trying to sign in?" prompt that you did not request, it could be because: someone is trying to access your account; someone accidentally entered the wrong phone/email; or delivery of an older prompt was delayed. Important: Select Deny to any requests that you did not initiate.”
- Check for unusual or unauthorized sign-ins
  - Go to the Recent activity page for the Microsoft account and review sign-ins and security events.
  - If any activity is not recognized, mark it as “This wasn’t me” and follow the guided steps to secure the account.
  - Microsoft explicitly recommends this when unusual sign-ins are detected: “If you think someone has accessed your account, check your Recent activity page and let us know if it wasn't you.”
- Change the password immediately
  - Change the account password to a strong, unique password that is not used on any other site.
  - This helps if the password has been guessed, reused from another breach, or otherwise exposed.
- Review and update security info
  - On the Security basics / Security info pages, verify that all phone numbers, email addresses, and sign-in methods belong to the account owner.
  - Remove any phone/email/security method that is not recognized.
  - Ensure at least one trusted method (such as Microsoft Authenticator or a trusted phone/email) is configured and up to date.
- Consider going passwordless
  - To reduce the impact of password-guessing attacks and unwanted code prompts, enable passwordless sign-in on the Microsoft account:
    - Passwordless options include Windows Hello, Microsoft Authenticator, SMS/Email codes, and physical security keys.
    - As documented: “Passwordless solutions… provide a more secure and convenient sign-in method. While passwords can be guessed, stolen, or phished, only you can provide fingerprint authentication, or provide the right response on your mobile at the right time.”
- Monitor for continued attempts
  - After changing password and reviewing security info, continue to monitor Recent activity.
  - If unrequested prompts continue, it is likely automated or repeated attempts using the username. As long as the prompts are denied and the security info is correct, the account remains protected.
- If any access is suspected
  - If there is any sign that someone actually signed in (not just attempted), follow the guidance for a compromised account:
    - Review rules/forwarding in Outlook, remove anything suspicious.
    - Sign out of all sessions from the account security pages.
    - Reconfirm security info and keep multi-factor authentication enabled.
These steps will both stop or reduce the prompts over time and ensure that even if someone keeps trying, they cannot breach the account.