![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(316.8, 39%, 40%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHJ%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Deny every sign-in request that was not initiated and treat this as possible unauthorized access.
To understand and stop what is happening, follow these steps:
- Review recent sign-in activity
- Go to the Security basics page and sign in.
- Select Review activity to open the Recent activity page.
- Look for unfamiliar locations, devices, or apps:
- If the event is in Unusual activity, expand it and select This wasn’t me.
- If it is in Recent activity, expand it and select Secure your account.
- This flags the activity to Microsoft and starts guided steps to secure the account.
- Secure the account immediately
- On the Security basics page, select Change password and set a strong, unique password.
- Do not reuse this password on any other site.
- Make sure security info (phone numbers, email addresses) listed on the Security page all belong to you and remove anything unknown.
- Handle unrequested codes and prompts safely
- For any verification codes or Authenticator/Outlook prompts that were not requested:
- Do not enter the code or approve the prompt.
- Simply ignore or deny them. Without the correct response, the account remains safe.
- If you receive verification codes you did not request, consider going “passwordless” to reduce password-based attacks. See How to go passwordless with your Microsoft account.
- For any verification codes or Authenticator/Outlook prompts that were not requested:
- Confirm alerts and emails are legitimate
- Security emails about unusual sign-in attempts and verification codes should come from the Microsoft account team at @accountprotection.microsoft.com.
- If an email is from that domain, it is safe to trust and open it. If not, treat it as phishing and do not click links.
- If you still see repeated attempts
- Continue to deny all prompts.
- Regularly review the Recent activity page and mark unknown activity as This wasn’t me or Secure your account.
- Ensure all devices used to access the account are free of malware and that no one else knows the password.
These steps will not reveal the attacker’s identity, but they will protect the account and help Microsoft detect and block suspicious sign-ins.
References: