You may receive an email or text message from Microsoft reporting an unusual sign-in activity. This happened to a lot of Microsoft account users. It indicates there’s a sign-in attempt from other people without your permission. This MiniTool post tells you how to deal with an unusual sign-in activity and the importance of MFA.
Microsoft Account Unusual Sign-in Activity
What is a Microsoft account?
Just as its name implies, it refers to an account from Microsoft which allows you access Microsoft products and services with just one login or from different devices easily. Like other accounts, you’ll be asked to set a password when creating a Microsoft account. Others are not allowed to sign in with your account without your permission.
However, many users reported that they have ever received a Microsoft account security alert saying there’s an unusual sign-in activity. At this time, you should be vigilant and pay more attention to account protection Microsoft; other malicious people are trying to invade your account and steal your private & important data.
Unusual Sign-in to Your Account
There’s no doubt at all that Microsoft cares much about users’ account security. The security team has always been working hard to protect all Microsoft accounts, preventing unauthorized sign-in.
What will Microsoft do when discovering an unusual sign-in?
It will send you an email message and an SMS alert whenever a sign-in attempt from a new location/device is detected. Meanwhile, a message will be sent to all your alternate contact methods for security check. This helps greatly to prevent an unauthorized sign-in from new location/device.
What you should do with an unusual sign-in activity alert?
Situation 1: it's you to sign in from a different place or a new device.
You should just follow the on-screen instructions and provide a security code to verify your identity when getting this Microsoft security alert. However, if the email or phone that is associated with this Microsoft account is not available right now, you may:
- Sign in from a device that has been set as trusted before.
- Ask your families/friends to check for you and tell you the security code received.
Situation 2: what you do with your account is nothing different from usual.
You should suspect a malicious person is trying to sign into your account and do something bad. At this time, please follow these steps:
- Open your browser and go to the Security basics page.
- Sign in with your account -> select Review activity to see your recent activities -> check for suspect sign-in attempts.
- Expand the specific unusual activity in Unusual activity section -> choose This wasn't me.
- Expand the activity in Recent activity section -> choose Secure your account.
- Go back to the Security basics page to click CHANGE PASSWORD (remember to create a strong one).
MFA Can Block Over 99.9% of Account Compromise Attacks
Why account protection Microsoft is important?
- It was reported that over 480,000 Microsoft accounts (0.048% of all accounts) had been infected by spraying attacks in January 2020.
- And in the same month, there were over 1 million Microsoft accounts breached; that’s to say, over 32,000 compromised accounts were increasing each day.
- What’s more, there were 300 million fraudulent login attempts every single day.
- The most horrible news is that according to Microsoft, over 99.9% of all Microsoft account breaches could have been prevented by turning on MFA.
The MFA offers extra barrier and layer of security to make it much difficult for attackers to get past. There are 2 obstacles to overcome in the implementation of MFA (Multi-factor Authentication).
- Users’ misunderstanding; they think external hardware devices are required.
- Users’ concerns about potential user disruption or over what it may break.
You should take a leap and go passwordless by enabling MFA. You can enable it for most of your online accounts. The steps to enable MFA for different accounts are different; you should just find the settings menu of an account -> go to the Account or Security section -> turn on MFA by following the on-screen instructions.