regarding account

Question

someone used my college email and created azure account I have changed password nd everything, somehow he still has access to it what should I do

Answer 1

Hey Dhruv, it sounds like someone else has lingering access to your Azure/Microsoft Entra account even after you changed the password. Here’s what you can do to lock them out and shore up your security:1. Revoke all active sessions

• Go to https://myprofile.microsoft.com > Security info > Devices and sessions, and click “Sign me out everywhere.”
• Or in the Azure portal under Entra ID > Users > select your user > “Revoke sign-in sessions.” This will force everyone to re-authenticate.

2. Enable and enforce MFA
   • In the Azure portal, go to Entra ID > Security > Authentication methods and configure Microsoft Authenticator (or another MFA option).
   • Turn on the built-in Conditional Access baseline policy “Require MFA for all users” or roll your own MFA-required policy.
3. Review risky sign-ins and apply Identity Protection
   • Enable Microsoft Entra ID Protection (free to start) via Entra ID > Identity Protection.
   • Under “User risk policy” set the action to require a password change or block access when a risky sign-in is detected.
   • Keep an eye on the Sign-in logs (Entra ID > Monitoring > Sign-ins) to spot any unusual locations or devices.
4. Check and update your security info
   • Make sure your recovery phone, email, and authenticator app details are up to date.
   • Remove any methods you don’t recognize.
5. Contact your college IT / tenant administrator
   • If this is an organizational account, ask your campus IT team to confirm you’re the only owner/admin of that user object and to remove any extra administrator roles or guest entries.

Reference docs:

• Use risk detections for user sign-ins: https://docs.microsoft.com/azure/active-directory/authentication/tutorial-risk-based-sspr-mfa
• Sign-in logs in Microsoft Entra ID: https://docs.microsoft.com/azure/active-directory/reports-monitoring/concept-sign-ins
• Overview of Microsoft Entra ID account recovery: https://learn.microsoft.com/entra/identity/authentication/concept-account-recovery-overview
• How end users can perform account recovery: https://learn.microsoft.com/entra/identity/authentication/how-to-account-recovery-for-users

Answer 2

Take these steps immediately to secure the Microsoft account that was created with the college email and to block the other person’s access:

1. Review recent sign-in activity
   • Go to the Recent activity page: https://account.live.com/Activity
   • Check sign-ins for the last 30 days and look for locations, devices, or apps that are not recognized.
   • If any activity is not yours, follow the prompts there to report it and help secure the account.
2. Secure the Microsoft account
   • Go to the Security basics page: https://account.microsoft.com/security
   • Select Review activity and mark any suspicious sign-ins as not yours.
   • Select Change password and set a strong, unique password that is not reused anywhere else.
   • Update security info (phone, alternate email, verification methods) so only trusted contact methods are present.
3. If the account appears hacked or compromised
   • Follow the official guidance in How to recover a hacked or compromised Microsoft account.
   • Step 1: Run a full antivirus/malware scan on the PC to ensure no malware is capturing passwords.
   • Step 2: After confirming the device is clean, change or reset the Microsoft account password using the guidance in that article.
   • Step 3: Check account settings such as connected accounts, forwarding, and automatic replies to ensure nothing was altered by the attacker.
4. If security info was changed by the attacker
   • If the account shows “security info change pending,” use the options on that screen:
     • Cancel this request if the change was initiated and the old security info is still accessible.
     • Let us know if the change was not made by you; this starts the unauthorized-change flow.
   • After regaining access, remove any unknown aliases or sign-in emails from the account and add safer verification methods (for example, Microsoft Authenticator).
5. Continue monitoring
   • Periodically check the Recent activity and Security settings pages to ensure there is no new suspicious activity.

If the account recovery web form and built-in flows fail and the attacker has replaced all security info, there may be no further supported method to recover or fully secure that specific Microsoft account, and a new account may be required.

---

References:

• Check the recent sign-in activity for your Microsoft account
• What happens if there's an unusual sign-in to your account
• How to recover a hacked or compromised Microsoft account
• My account got hacked. - Microsoft Q&A
• My account got hacked - Microsoft Q&A