Hacking the authentic or

Question

Someone is trying to hack my windows account. Today I received an Authenticator approval from Indonesia. It is not me. This has been going on for a week. Please stop who ever is trying to break into my account. I keep denying the approval on the authentictor.

Answer 1

Dear @Dunham, Michael G,

Good day! Welcome to Microsoft Q&A forum!

Based on your description, I understand that you are receiving repeated Microsoft Authenticator approval requests from an unknown location (Indonesia), even though you are not attempting to sign in. This has been happening for about a week, and you are concerned that someone is trying to access your Windows account despite you denying each request. You’re looking for help securing your account and stopping these unauthorized attempts.

To make sure I understand your situation accurately, could you please confirm:

• Are you currently able to access your account without any issues?
• Are you using a personal Microsoft account (e.g., @outlook.com / @hotmail.com) or a work/school account (e.g., @yourcompany.com)?
• Are the alerts coming through the Microsoft Authenticator app, email, or both?

Your confirmation would be very helpful in ensuring you receive the most suitable support!

Based on what you described, receiving repeated unauthorized sign-in attempts from different countries can definitely feel alarming.

In most cases, this happens when your email address becomes exposed online, this can occur through past data breaches, leaks from websites you’ve signed up for, or even public listings where your email is visible. Once an email address is out there, it often gets picked up and circulated in large databases that are traded or shared across the internet.

That’s why you may suddenly see repeated sign-in alerts or 2FA prompts even though nothing has happened to your account directly. The system is actually doing its job by blocking those suspicious attempts and asking for verification to make sure it’s really you.

So while it can feel alarming, this doesn’t necessarily mean Microsoft itself is under attack. In most cases, it’s just your email address being targeted as part of widespread, automated activity happening across many online services. The important thing is that protections like 2FA are preventing unauthorized access.

Furthermore, depending on your account type:

1-If you are using a Personal account: You may want to try the alias sign-in method (highly recommended):

• Create a new email alias (something unique/random)
• Set it as your primary sign-in email
• Disable sign-in from your old email
• For your reference: Change the email address for your Microsoft account | Microsoft Support

2-If you are using a Business account: I recommend contacting your IT administrator within your organization.

They can:

• Review sign-in logs in detail
• Apply stricter security policies
• Help reduce or block repeated authentication prompts
• For your reference: Getting too many authentication attempts on my account - Microsoft Q&A

Kindly let me know when there are updates or if you need further assistance. Any updates you’re able to share would be really helpful. I appreciate your time and look forward to hearing how things are going! 

Thank you for your time and patience.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".  

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.  

Answer 2

Select Deny on every Microsoft Authenticator prompt that was not initiated and do not approve any unknown sign-in requests. Without the correct response, the attacker cannot complete the sign-in.

Then harden the account with these steps:

1. Review recent and unusual sign-ins
   1. Go to the Security basics page for the Microsoft account: https://account.microsoft.com/security.
   2. Select Review activity to open the Recent activity page.
   3. Check the sign-ins listed, especially those from Indonesia or other unfamiliar locations/devices.
   4. For any activity that is not recognized:
      • If it appears in Unusual activity, expand it and select This wasn't me so Microsoft can help secure the account.
      • If it appears in Recent activity, expand it and select Secure your account.
2. Change the password immediately
   1. From the Security basics page, select Change password.
   2. Set a strong, unique password that is not reused on other sites.
3. Check for other signs of compromise
   • If there is any suspicion that someone may already have accessed the account, follow the steps in the hacked/compromised account guidance:
     • First, run a full antivirus/malware scan on the PC (for Windows 8.1 or Windows 10/11, ensure Windows Defender is enabled and up to date).
     • After confirming the device is clean, change the password again if needed.
     • Review account settings such as connected accounts, forwarding, and automatic replies to ensure nothing has been altered.
4. Strengthen sign-in and recovery options
   1. Go to the Advanced security options page of the Microsoft account.
   2. Select Add a new way to sign in or verify and add additional secure methods (for example, another trusted phone or email, or additional secure sign-in options).
   3. Make sure the list of phone numbers and email addresses used to verify sign-in is up to date and belongs only to the account owner.
5. Monitor ongoing activity
   • Regularly review the Recent activity section in the Security basics/My Account portal to ensure no new suspicious sign-ins appear.
   • If repeated attempts continue, keep denying Authenticator prompts and ensure no unrecognized devices or apps remain signed in.

If at any point sign-in becomes impossible or it appears someone has changed the password or security info, use the hacked/compromised account recovery steps to regain control.

---

References:

• Using Outlook mobile to sign in
• Why is Microsoft texting me?
• What happens if there's an unusual sign-in to your account
• View your work or school account sign-in activity from My Sign-ins
• Troubleshoot Microsoft verification code issues
• How to recover a hacked or compromised Microsoft account
• How to help keep your Microsoft account secure