With how there’s been multiple breaches in Azure, I’d move away from Microsoft-based products if I were you.

It’s good to be paranoid, but for years I have had periodic sign-ups for lists I never wanted, services I never asked for, medical appointments and plane ticket reservations(!) I didn’t make … you name it.

All because I was an early gmail invitee, so my account is just ‘firstinitiallastname@gmail.com’ (with no ‘123’, or other decorations) – I was the FIRST. And I’ll be damned if I give it up!

So, so many people with my first initial and surname forget to add whatever crap they added to their signup after they must have gotten the error message at sign-up that told them ‘sorry, but firstname.lastname@gmail.com is already taken’ and they then forget whatever they added, and keep using my email address when they register for whatever crap they do. So bloody annoying.

I’ve taken to just logging into the numerous sites they helpfully send me registration links for, and if there’s a profile section I may (if I’m feeling cranky) set their profile photo and bio to unsavoury things, before locking the account. If I’m not feeling cranky I just unsubscribe/delete the account.

I checked out my old Hotmail account and there’s somebody in china trying to access it non stop.

It’s protected with a strong password and 2fa. But it still makes me uneasy. I just wish I could geo block the attempts or something.

If you have 2FA enabled they won’t be able to get in, but if you change your password and they’re still trying, that means that somehow they have your new password, which means you probably have a credential stealer in your PC or one of your devices. I would reinstall windows immediately then change EVERY password.

I have this also all the time on my Microsoft account. All un-successful of course (long password and 2FA activated). So stopped looking at this.

Buy two ubikeys, one for you and one for your safe or lockbox.

Also use a password manager and don’t reuse passwords.

Kind of happens everywhere to be honest, the best defense is to have a good and unique password and MFA enabled.

Use 2FA

This is normal. All of my accounts have looked like this for years. So I imagine every account with Microsoft will see this bombardment of someone trying to get in.

It’s not just Microsoft - every server on the internet with an open port gets bombarded all of the time. It’s just the way of the internet. So if you move your account to another platform it’ll see the same bombardment as it does now.

deleted by creator

I have the same issue. For me it’s mainly some ip address in Russia but it bounces around. I’ve had the 2FA enabled on my account for at least a year now. I have a unique, random password for it. Recently (like a month or two ago) the 2FA app popped up with a message to click on the number to verify or deny. I knew it wasn’t me so I denied it.

I was worried someone had managed to guess my long ass password but I fiddled around with it and it’s possible to get that 2FA prompt when you are trying to do a password recovery. So I just let it ago and haven’t gotten any others since. I still feel like I should chang my email but based on what others are saying it doesn’t seem like it will make a difference.

I’d say ignore it, or if you’d like it to stop, create a new email alias and change your login settings so it only allows you to sign it with the new alias (and don’t use that email for anything)

Edit: I just noticed there are some successful sign ins. Make sure to change your password, add 2fa, and log out of all devices

I would contact Microsoft support immediately

Had this issue with a gmail account about 7 years ago. It has/had 2fa. Haven’t used it much since then.

Activated tfa? So does that mean u didn’t have 2fa activated?