ng4ever

Level 12
Verified
They only got to the challenge question and no further. What should I do ? I changed my password immediately.

Should I close the account ?
 
Last edited:
  • Like
Reactions: mal1 and kev216
N

Noxx

You don't need to close your account. Just create another strong password. It doesn't even need to be something you could easily remember. Write it down or use LastPass or something so that you don't have to spend all day typing it in / remembering it.
 

ng4ever

Level 12
Verified
We personally can't do anything about it. Again, what you need to do is change your password. It needs to be complex since someone obviously trying to access it. Have you opened any suspicious mail lately?

No all my spam mail is blocked.

How do I change the challenge question on a Microsoft Live account?
 
  • Like
Reactions: kev216

Spawn

Administrator
Verified
Staff member
Login to your Microsoft Account: https://account.microsoft.com/

Go to Security & Privacy

Step 1: Change your password - If not already, using LastPass (or other trusted managers) will create a complex password using letters, numbers and symbols. I recommend a minimum length of 12 characters. If you use a Microsoft Account to Login to Windows 8.1 or 10, you can set up a 6-digit PIN to access your device instead of having to memorise the randomised password.

Step 2: Check Recent Activity - Find any unusual IP addresses, Device/Platforms, Browser/Application and Location (Map). Keep a screenshot for future records.

Step 3: Review App Permissions - You can never be to sure what Apps you have granted access. In rare circumstances, you may find a suspicious app. To remove, click on Edit and Remove these Permissions. (It never hurts to check).

Step 4: Turn ON Two-Step Verification - Follow the steps carefully. I recommend any of the following; Microsoft Account (Windows Phone and Android), Google Authenticator (iOS and Android), LastPass Authenticator (if available), Authy (Android, iOS and Chrome).

Step 5: Reset your Trusted Devices - Remove all trusted devices associated with this account. You will be required to login and authenticate your logins on any devices you trust once you use them again.

Step 6: Check for Unwanted Apps/Malware Scan
- Check all your devices for any possible malware or spyware, from PC, Mac to Android. (etc.).

Step 7: Run a scan with MRT
- Open Run and type "MRT" (without quotes) to scan using Microsoft Malicious Software Removal Tool. MRT/MRST is delivered through Windows Update, or can be downloaded separately from Microsoft Safety and Security Center.

I strongly recommend that you make sure Two-Step Verification is enabled, and your password is changed on a clean device.

@ng4ever Do you use an Alias email created in Outlook.com? If you do, you can use your primary or alias, as your default login email, and disable the rest. These settings are found on the Security & Privacy page.

Other members may have posted similar, as I took time to post this, but I ensure you that you do not need to close your Microsoft Account.

Keep us posted. ;)
 

Laoel

New Member
To improve the security of your account, you can activate two-step verification downloading the app of Microsoft on Google Play ( I don't know if have to Appstore... but I think that have too.), besides of create a good password. How your friend Noxx said, would be good if you could download the LastPass. Because besides of create a strong password, lastpass can memorize all your passwords to each site you have an account.

Another good tip is never use the same password for all site you have account.

I hope this can help ;)
 

StriderHunterX

Level 4
Verified
I changed my password to 28 characters.

28 characters is good,but remember...

-Nothing logical(A name,a place....The random,the better)

-Lower and upper case,a dose of symbols...Mix it up.

-DON'T FORGET IT!!! :eek: Use one of the many different browser tools recommend by the good fellows here.Or if you're a paranoid,keep it (and other special/important passwords) in a external backup.

You can never be too careful.
 

jamescv7

Level 85
Verified
Trusted
Changing the password to a stronger one is enough then remove any associated accounts that you think they added it.

I've fall on the trap from phishing before and manage to recover immediately. ;) *

* My classmate link me the phishing site and added his email account from my account itself.
 

Atlas147

Level 30
Verified
Trusted
Content Creator
Definitely use a password generator from a password manager to keep your account secure, the passwords generated from those are really tricky and almost impossible to guess.

And use a different password for all your different accounts!
 

Rishi

Level 19
Verified
Trusted
Make sure your devices do not have any kind of spyware - keyloggers, data miners, stealers.Just to be double sure I would use a secure virtual keyboard like Oxynger keyshield and change the password and then save it either inside an encrypted vault or offline for the time being.Then re-enable the two step verification and report the IP to microsoft(if it is possible).
 
  • Like
Reactions: frogboy
Top