![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(246.4, 98%, 33%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Yes. Unrequested prompts in Microsoft Authenticator usually mean:
- Someone is trying to sign in to the account using the correct username and password and is now being blocked by the second factor, or
- Someone mistyped their email/phone and entered this account by mistake, or
- A previously requested prompt is being delivered late.
If these prompts are not initiated by the account owner, they must always be denied:
- Select Deny on every sign-in request that was not started by the account owner.
- Do not approve any request that is not expected; without approval, the attacker cannot complete sign-in and the account remains safe.
Because repeated unexpected prompts can indicate an active attempt to break into the account, the account’s security should be reviewed and strengthened (for example, by checking sign-in activity and updating security methods) and any suspicious prompts should continue to be denied.
References: