case study

Your single-use code Microsoft Account Emails

online account security
Image shows a gray and white computer keyboard with the Enter and Shift keys replaced with the words SECURITY and BREACH. Image was licensed from Envato.

by

Erika Sanborne

“Hi ————,

We received your request for a single-use code to use with your Microsoft account.

Your single-use code is: ———

Has your account been breached?

You Should Check!

Did you get an email like the following, or perhaps several, even though you were not at that moment trying to log in to your Microsoft account? Are you wondering whether somebody else was trying?

Hi ____,

We received your request for a single-use code to use with your Microsoft account.

Your single-use code is: ______

If you didn’t request this code, you can safely ignore this email. Someone else might have typed your email address by mistake.

Thanks,
The Microsoft account team

Check here

Go to Microsoft to see when and where you have used your account. Log in at https://account.live.com/activity/. (You will, slightly ironically, probably generate another one of those “We received your request for a single-use code to use with your Microsoft account.” emails, but this time it will be from you.

When you log in, you can check for when and where your account has been recently accessed.

Microsoft Account Activity
Screenshot of Microsoft Recent Activity, showing three recent, unsuccessful sign-in session attempts from Italy.

What should do you do?

In my case, since there are only unsuccessful sign-in attempts, my account is safe. I can see here that nobody has accessed this account, although someone tried, three times, from Italy. I also have two-factor authentication (2FA) on this account, and a very strong password, so I’m comfortable with the security of this account.

Note that even though I have 2FA and a strong password, I still check to make sure my accounts are secure when people try to access them.

Is there more info?

Yes. Clicking that drop-down arrow reveals the IP address of the bad actor, and a bit more information about the attempted breach. There is also a link you can click if the sign-in attempt was successful, which would walk you through securing your account with Microsoft.

Here is what I could see from the top entry on my activity log.

Microsoft account breach
Screenshot of Microsoft recent account activity log entry, showing detail from one unsuccessful sign-in attempt from a bad actor in Milan, Italy.

Ultimately

Online account security takes your time and attention, and multiple layer and approaches. Follow all the best practices, especially having a strong password and using 2FA. When in doubt, find out whether there has been a breach, and secure your accounts. Online security is an unfortunate part of life, but you can do many things to protect yourself and minimize risk.

About Erika Sanborne

Erika Sanborne is the WordPress developer and agency owner at Our Future Site, a division of Erika Sanborne Media LLC. In addition to web development, Erika produces digital graphics, videos, animated explainers, and portraiture work. Her other hats include: long-time math and psychological science educator, ordained UCC clergy, disabled veteran for peace, disability justice advocate, population health and disability policy researcher, and sociology PhD candidate. All at the same time. Yeah. She keeps busy. | More About Erika

Our Future Site

a division of Erika Sanborne Media LLC

Reach out for a consultation.

We're always glad to jump on a Zoom call to hear your dreams and discuss ideas for growing your business, and we'll give initial direction and advice, no strings.

Contact Us

Popular Resources

How to Make your Own Free (or almost free) Website

How to Reclaim your Online Identity from Imposters

Learn How to Audit Your Website for Accessibility

© 2020-2024
Erika Sanborne Media LLC

Privacy Policy Cookie Policy Terms of Service Disclaimer