![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 83%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EA%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
These unrequested approval prompts mean that something (or someone) is repeatedly trying to sign in with the account that is protected by Microsoft Authenticator.
Why this is happening
- Someone is trying to access the account
- An attacker or automated script has the username and is repeatedly attempting to sign in.
- Because the account is protected with Authenticator, each attempt triggers a push notification asking “Are you trying to sign in?”.
- Someone mistyped their sign-in information
- Another user may have accidentally entered the email or phone number when trying to log in to their own account.
- Their attempts will still generate prompts on the Authenticator app.
- Delayed or repeated delivery of a previous prompt
- A sign-in prompt that was legitimately requested earlier might be delayed by the notification service and arrive later, appearing as if it was not initiated.
How to stop or reduce these prompts
- Always deny any request not initiated
- Select Deny on every prompt that was not explicitly started.
- This prevents unauthorized access even if someone has the username and password.
- Strengthen and modernize sign-in
- Ensure strong, unique passwords and avoid reusing passwords across sites.
- Consider going passwordless (for work/school accounts) using methods like Microsoft Authenticator, Windows Hello, SMS/Email codes, or security keys. Passwordless methods are more resistant to guessing, theft, or phishing.
- Review and adjust security settings
- Check account security settings and sign-in methods to ensure only intended devices and methods are configured.
- Remove old or unused devices and methods where possible.
- Monitor and respond to suspicious activity
- If these prompts are frequent and clearly not from legitimate activity, treat them as a sign that someone is trying to access the account.
- Change the password and review recent activity in the account security portal.
As long as all unrequested prompts are denied and the account security is kept up to date, the account remains protected even if others attempt to sign in.
References: