A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
To reduce or stop constant sign-in attempt notifications while keeping the account secure, use these steps and checks.
- Review recent sign-in activity
  - For a personal Microsoft account, go to the Security basics page.
  - Select Review activity to open the Recent activity page.
  - Check each sign-in entry:
    - If any activity is not recognized, in the Unusual activity section select This wasn't me, or in Recent activity select Secure your account.
    - Follow the prompts to secure the account (this can include changing the password and reviewing security info).
- Change password and strengthen security
  - From the Security basics page, select Change password and set a strong, unique password.
  - On the Advanced security options page, select Add a new way to sign in or verify and add at least one extra method (for example, phone, alternate email, or Microsoft Authenticator). This makes it easier to recover the account if attackers keep trying.
  - Ensure all phone numbers and email addresses listed for verification are up to date and belong only to the account owner.
- Use Outlook/Microsoft Authenticator notifications safely
  - If sign-in notifications are coming via Outlook mobile and they are unwanted, open Outlook mobile:
    - Go to Settings → Accounts → select the account.
    - Select Account → Sign-in requests.
    - Turn off Allow sign-in requests.
  - If Outlook mobile is used as a sign-in method and later needed again, the same path can be used to re-enable Allow sign-in requests.
  - Microsoft Authenticator can also be used as a secure sign-in method instead of Outlook mobile.
- Handle unusual sign-in alerts correctly
  - When email or SMS alerts about unusual sign-ins arrive:
    - Only trust messages from the Microsoft account team (for example, the sender described in the guidance).
    - If the alert is about activity that is not recognized, follow the link in the alert to review activity and secure the account.
- If repeated attempts continue
  - Repeated failed attempts may be attackers trying to guess the password or trigger MFA. Microsoft systems may temporarily block additional attempts when unusual patterns are detected.
  - If unable to sign in because of too many attempts, wait for the lockout to clear or use another configured MFA method.
  - For work or school accounts, contact the organization’s IT administrator and ask them to review Microsoft Entra sign-in logs for suspicious activity.
These steps do not stop attackers from trying altogether, but they ensure that:
- The account remains secure even if attackers keep attempting sign-ins.
- Any suspicious or successful sign-in is quickly detected and blocked by changing the password and updating security info.
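For the administrator-side review of Microsoft Entra sign-in logs mentioned in the last step, here is an added example (not part of the original answer and not Microsoft tooling) that triages exported sign-in records for repeated password failures, repeated MFA failures, lockouts, and a success that follows a burst of failures. It assumes records in the Microsoft Graph `signIn` JSON shape (`userPrincipalName`, `createdDateTime`, `ipAddress`, `status.errorCode`); the function names, the 10-minute window, the threshold of 3 and the sample records are constructed for illustration.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# status.errorCode values in Entra sign-in records (0 means success)
PASSWORD_FAIL = 50126  # invalid username or password
LOCKED_OUT = 50053     # account locked after too many attempts
MFA_FAIL = 500121      # strong authentication (MFA) request failed

def _when(rec):
    return datetime.fromisoformat(rec["createdDateTime"].replace("Z", "+00:00"))

def triage(records, window=timedelta(minutes=10), threshold=3):
    """Return {user: sorted findings}; window and threshold are assumed defaults."""
    by_user = defaultdict(list)
    for rec in sorted(records, key=_when):  # oldest first
        by_user[rec["userPrincipalName"].lower()].append(rec)
    findings = defaultdict(set)
    for user, recs in by_user.items():
        for code, label in ((PASSWORD_FAIL, "password-guessing"),
                            (MFA_FAIL, "repeated-mfa-prompts")):
            times = [_when(r) for r in recs if r["status"]["errorCode"] == code]
            # Flag `threshold` failures of one kind that fall inside `window`
            if any(times[i + threshold - 1] - times[i] <= window
                   for i in range(len(times) - threshold + 1)):
                findings[user].add(label)
        fails_by_ip = defaultdict(int)
        for r in recs:
            code, ip = r["status"]["errorCode"], r["ipAddress"]
            if code == LOCKED_OUT:
                findings[user].add("lockout")
            elif code in (PASSWORD_FAIL, MFA_FAIL):
                fails_by_ip[ip] += 1
            elif code == 0 and fails_by_ip[ip] >= threshold:  # success after a burst
                findings[user].add("success-after-failures")
    return {user: sorted(found) for user, found in findings.items()}

# Constructed sample records (documentation-range IPs, example.com users)
SAMPLE = [{"userPrincipalName": u, "createdDateTime": f"2024-05-01T{t}:00Z",
           "ipAddress": ip, "status": {"errorCode": c}} for u, t, ip, c in (
    ("alice@example.com", "10:00", "203.0.113.7", 50126),
    ("alice@example.com", "10:01", "203.0.113.7", 50126),
    ("alice@example.com", "10:02", "203.0.113.7", 50126),
    ("alice@example.com", "10:03", "203.0.113.7", 50053),
    ("bob@example.com", "09:00", "198.51.100.4", 50126),
    ("bob@example.com", "09:01", "198.51.100.4", 0),
    ("carol@example.com", "11:00", "203.0.113.9", 500121),
    ("carol@example.com", "11:02", "203.0.113.9", 500121),
    ("carol@example.com", "11:04", "203.0.113.9", 500121),
    ("carol@example.com", "11:05", "203.0.113.9", 0),
)]
```

A `success-after-failures` finding is the one to act on first, since it is the case where the password change and security info review described above apply; a single mistyped password followed by a success (bob in the sample) is not flagged.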