A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Dear @Johnny and Yesenia Serna,
Good day! Welcome to Microsoft Q&A forum!
Based on your description, I understand that you are receiving frequent Microsoft Authenticator approval requests for login attempts that you did not initiate. While you appreciate the security provided by the Authenticator app, you're concerned about the volume of authentication prompts and would like to know whether Microsoft can use AI or other security measures to better distinguish legitimate users from malicious login attempts and automatically block suspicious activity or offending IP addresses.
Thank you for reaching out and for sharing your concern. I understand how concerning it can be to receive repeated Microsoft Authenticator notifications for sign-in attempts that you did not initiate.
The good news is that these prompts do not necessarily mean your account has been compromised. In many cases, repeated authentication requests occur because your email address or username has become known through previous data breaches, publicly available information, or credential-stuffing attacks where threat actors attempt to sign in using passwords obtained from other sources.
Microsoft already uses advanced security technologies, including risk-based detection, machine learning, and automated threat intelligence, to identify and help block suspicious sign-in activity. However, attackers can still attempt to authenticate against an account, which may result in sign-in prompts being generated if they have entered correct credentials but are blocked at the MFA stage. The Authenticator approval request is often the final security barrier preventing unauthorized access to your account.
I recommend reviewing your recent sign-in activity for any unfamiliar login attempts, ensuring that Microsoft Authenticator with number matching is enabled, verifying that only trusted devices and authentication methods are registered to your account, and changing your password if it has not been updated recently.
If the unexpected prompts continue, depending on your account type:
1-If this is a Personal Microsoft Account: One of the most effective solutions is the alias sign-in method, which is commonly recommended when attackers continue targeting a known sign-in address.
This involves:
- Creating a new Outlook.com alias with a unique name
- Setting the new alias as the primary sign-in alias
- Disabling sign-in permissions for the current Gmail alias
- For your reference: Change the email address for your Microsoft account | Microsoft Support
This prevents attackers from attempting to sign in using the email address they already know while allowing you to continue using the account normally.
2-If this is a Work or School Account: I recommend contacting your organization's IT administrator. They can:
- Review sign-in logs in detail
- Apply stricter security policies
- Help reduce or block repeated authentication prompts
- For your reference: Getting too many authentication attempts on my account - Microsoft Q&A
Kindly let me know when there are updates or if you need further assistance. Any updates you’re able to share would be really helpful. I appreciate your time and look forward to hearing how things are going!
Thank you for your time and patience.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.