![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(89.60000000000001, 91%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERH%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Those lock-screen notifications are Microsoft Authenticator MFA prompts. They appear when something (often a website, app, or background process) is trying to sign in with the account protected by Authenticator.
If these prompts appear when not actively signing in, treat them as suspicious and deny them:
- Select Deny on every unexpected notification.
- Do not approve any request unless actively signing in and the request details (account, app, location if shown) match what is being done.
- Open the Authenticator app and review recent sign-in requests to see if there are repeated or anomalous attempts.
- Change the account password immediately and review security info at the account security page to ensure only trusted methods and devices are listed.
- Consider enabling additional protections (such as number matching or location details) if available in the Authenticator configuration, so that unexpected prompts are easier to detect.
If notifications stop after denying and changing the password, they were likely caused by someone or something repeatedly trying to sign in with the account.
References: