Someone tried to sign in to my Microsoft Live account

ng4ever

Level 16
Thread author
Verified
Feb 11, 2016
789
They only got to the challenge question and no further. What should I do ? I changed my password immediately.

Should I close the account ?
 
Last edited:
  • Like
Reactions: mal1 and kev216
N

Noxx

You don't need to close your account. Just create another strong password. It doesn't even need to be something you could easily remember. Write it down or use LastPass or something so that you don't have to spend all day typing it in / remembering it.
 

ng4ever

Level 16
Thread author
Verified
Feb 11, 2016
789
Can I give you all the ip address of who tried to sign in to my account and can you all find information on the person ?
 
  • Like
Reactions: mal1 and kev216

ng4ever

Level 16
Thread author
Verified
Feb 11, 2016
789
We personally can't do anything about it. Again, what you need to do is change your password. It needs to be complex since someone obviously trying to access it. Have you opened any suspicious mail lately?

No all my spam mail is blocked.

How do I change the challenge question on a Microsoft Live account?
 
  • Like
Reactions: kev216

Ink

Administrator
Verified
Staff Member
Well-known
Jan 8, 2011
22,361
Login to your Microsoft Account: https://account.microsoft.com/

Go to Security & Privacy

Step 1: Change your password - If not already, using LastPass (or other trusted managers) will create a complex password using letters, numbers and symbols. I recommend a minimum length of 12 characters. If you use a Microsoft Account to Login to Windows 8.1 or 10, you can set up a 6-digit PIN to access your device instead of having to memorise the randomised password.

Step 2: Check Recent Activity - Find any unusual IP addresses, Device/Platforms, Browser/Application and Location (Map). Keep a screenshot for future records.

Step 3: Review App Permissions - You can never be to sure what Apps you have granted access. In rare circumstances, you may find a suspicious app. To remove, click on Edit and Remove these Permissions. (It never hurts to check).

Step 4: Turn ON Two-Step Verification - Follow the steps carefully. I recommend any of the following; Microsoft Account (Windows Phone and Android), Google Authenticator (iOS and Android), LastPass Authenticator (if available), Authy (Android, iOS and Chrome).

Step 5: Reset your Trusted Devices - Remove all trusted devices associated with this account. You will be required to login and authenticate your logins on any devices you trust once you use them again.

Step 6: Check for Unwanted Apps/Malware Scan
- Check all your devices for any possible malware or spyware, from PC, Mac to Android. (etc.).

Step 7: Run a scan with MRT
- Open Run and type "MRT" (without quotes) to scan using Microsoft Malicious Software Removal Tool. MRT/MRST is delivered through Windows Update, or can be downloaded separately from Microsoft Safety and Security Center.

I strongly recommend that you make sure Two-Step Verification is enabled, and your password is changed on a clean device.

@ng4ever Do you use an Alias email created in Outlook.com? If you do, you can use your primary or alias, as your default login email, and disable the rest. These settings are found on the Security & Privacy page.

Other members may have posted similar, as I took time to post this, but I ensure you that you do not need to close your Microsoft Account.

Keep us posted. ;)
 

Laoel

Level 1
Verified
Apr 3, 2016
37
To improve the security of your account, you can activate two-step verification downloading the app of Microsoft on Google Play ( I don't know if have to Appstore... but I think that have too.), besides of create a good password. How your friend Noxx said, would be good if you could download the LastPass. Because besides of create a strong password, lastpass can memorize all your passwords to each site you have an account.

Another good tip is never use the same password for all site you have account.

I hope this can help ;)
 

StriderHunterX

Level 5
Verified
Well-known
Jan 10, 2015
207
I changed my password to 28 characters.

28 characters is good,but remember...

-Nothing logical(A name,a place....The random,the better)

-Lower and upper case,a dose of symbols...Mix it up.

-DON'T FORGET IT!!! :eek: Use one of the many different browser tools recommend by the good fellows here.Or if you're a paranoid,keep it (and other special/important passwords) in a external backup.

You can never be too careful.
 

jamescv7

Level 85
Verified
Honorary Member
Mar 15, 2011
13,070
Changing the password to a stronger one is enough then remove any associated accounts that you think they added it.

I've fall on the trap from phishing before and manage to recover immediately. ;) *

* My classmate link me the phishing site and added his email account from my account itself.
 

Atlas147

Level 30
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Jul 28, 2014
1,990
Definitely use a password generator from a password manager to keep your account secure, the passwords generated from those are really tricky and almost impossible to guess.

And use a different password for all your different accounts!
 

Rishi

Level 19
Verified
Honorary Member
Top Poster
Well-known
Dec 3, 2015
938
Make sure your devices do not have any kind of spyware - keyloggers, data miners, stealers.Just to be double sure I would use a secure virtual keyboard like Oxynger keyshield and change the password and then save it either inside an encrypted vault or offline for the time being.Then re-enable the two step verification and report the IP to microsoft(if it is possible).
 
  • Like
Reactions: frogboy

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top