Today, I received a notification from the Microsoft Authenticator app asking for a code, which I denied immediately since I wasn't trying to log in. I changed my password right away and decided to remove the password, leaving only the Authenticator app as my way to access my account. I checked the sign-in activity and didn't see any record of that attempted access. I'm currently traveling, so I'm wondering if this was a hacking attempt or just a routine system check. Am I safe now?
2 Answers
It sounds like the Authenticator did its job! Just because you got that alert doesn't mean your account was compromised. Someone could have just entered your email to check what authentication method you use, or it might have been a mistake. Still, it's a good idea to have a password on your account alongside the Authenticator for extra security.
If they triggered the code request, it might indicate they know your password. Changing it is a smart move, and make sure to use a strong password, not just a slight variation. A password manager can help if you find it hard to create unique passwords. It's also wise to consider using different emails for your accounts or email aliasing for added security.
I’ve started using unique passwords for all my major accounts. I’ve got 2FA set up everywhere, but I’m still worried someone guessed my password. Should I be on the lookout for other important accounts that hackers might target?