Random Code

Question

I received a random code which I didn't request. Is this a legitimate microsoft link - https://go.microsoft.com/fwink/?Linkid=521839. It came from One Microsoft Way, Redmond, WA 98052

Answer 1

If you didn't request it, don't click on it, even if the link is legitimate.

Sign into the account here: https://account.microsoft.com, then go to Security to review the sign in activities. When you reviewed the account's sign in activities, Click into those labeled as "unsuccessful sign in", you can click on it to expand it to review the Session activity. If it is incorrect password, it won't generate a code. And there's nothing to worry about. If it is request denied xxx, that means this activity had your password entered correctly, and a code was generated, but it didn't pass the two factor verification. In the latter scenario, you want to change the password asap.

If you can NOT find any unsuccessful sign-in with the "request denied" labeling, it can mean that someone else left your contact information as their security info, usually due to typo. In this case, your account is not in any danger. Unfortunately there's also nothing you can do about it until this other user realized they needed to update their contact info.

Another way to find out which scenario is yours is to go to the account https://account.microsoft.com click on Security > Advanced Security options, set up authentication app instead. That way, if you continue to receive code via text or email instead, you would know 100% that it is NOT about your account, but someone else left your phone/email as their contact info due to typo.

Answer 2

Do not use or trust the random code that was sent if it was not requested.

If a Microsoft verification code is received without requesting it, common reasons include:

1. Someone is trying to access the account.
2. Someone accidentally entered the wrong phone or email when trying to sign in.
3. Delivery of a previously requested code was delayed.

Important actions:

1. Do not respond to or use any verification code that was not requested. Without the code, the account remains safe.
2. Do not click any links in messages that were not requested or that seem suspicious. Instead, access the account directly by typing https://account.microsoft.com or https://account.live.com into the browser.
3. To reduce unrequested codes and increase security, enable passwordless sign-in methods such as Microsoft Authenticator, Windows Hello, SMS or email codes, or security keys by following the guidance in the “Go passwordless” documentation.
4. If messages or codes continue to arrive unexpectedly, review account security settings and recent activity via the official Microsoft account portals.

For text messages:

• Genuine Microsoft verification texts may come from “69525” or “Microsoft”, and genuine links in those texts begin with aka.ms. If unsure whether a message is genuine, do not click any link and instead sign in directly to the Microsoft account sites.

---

References:

• Troubleshoot Microsoft verification code issues
• Why is Microsoft texting me?
• Common problems with two-step verification for a work or school account
• Can I trust email from the Microsoft account team?