Microsoft Outlook_ we have the ability to check recent attempted log-ins.....update...

Annemos

Good morning all.

I just found out that I can go into my E-mail settings and there is a list of recent log-ins. 

These days, is it normal that there are Unsuccessful Sign-ins, from several places in the World?

Thank you. 

oldernonethewiser

It would be normal if you had attempted to sign in from various places around the world.

Otherwise........

Neil_Jones

If you use a VPN yourself (or if you travel), then yes.

Otherwise... Depends.

If your account is old enough to appear on a leaked list then bulk of these will be chancers (this is why you should change passwords regularly), but you can (with Hotmail/Outlook at least) set up to log in without a password (you use the Microsoft Authenticator app) and then when it says "incorrect password entered", you know its true because there isn't one on the account so it will always be wrong.

That being said I just tried to log in and I don't see any password options so...

Annemos

Thanks for replies. 

(I do not have a Smart-phone yet, so no apps.)

I found this.....  it seems to be arising from hackers and spammers activity. 


https://answers.microsoft.com/en-us/outlook_com/forum/all/is-it-normal-to-have-so-many-unsuccessful-sign/dda17db1-19bf-429f-a213-b37b9ac3aff8


https://techcommunity.microsoft.com/t5/outlook/unsuccessful-login-attempts/m-p/4122142




By the way, I think this next info is excellent, where you can inform about phishing attempts. I had a spate about 4 months ago and after sending the info to this e-mail, I have not had any..... until one today!  Here it is.......



=======================================================


https://www.actionfraud.police.uk/report-phishing

Have you spotted a suspicious email?

If you have received an email which you’re not quite sure about, forward it to the Suspicious Email Reporting Service (SERS): report@phishing.gov.uk

The National Cyber Security Centre (NCSC) will analyse the suspect email and any websites it links to. They'll use any additional information you’ve provided to look for and monitor suspicious activity.

If they discover activity that they believe is malicious, they may:

• seek to block the address the email came from, so it can no longer send emails
• work with hosting companies to remove links to malicious websites
• raise awareness of commonly reported suspicious emails and methods used (via partners)

Whilst the NCSC is unable to inform you of the outcome of its review, they can confirm that they do act upon every message received.

Annemos

Per that advice above in the second link..... I have just set up a new e-mail address. It is called an Alias. 

I have also set the preference that this new one is now my preferred log-in. (Not the old.)

I can see all my e-mails. 

The only thing I now have to watch is....

1  To remember to sign in to the NEW e-mail address. And 
2   For each new e-mail, I have a choice what e-mail the Sender is, so I have to remember to always flip it now to the Old one. (Or it will look like it is coming from my new one that does not look like me!) 

I shall only really know if this has worked, when I look in a couple of days and see if there have been any more attempts from the Scammers/Hackers! 

onomatopoeia99

Neil_Jones said:

 (this is why you should change passwords regularly)

Very bad advice.  The following article from the national cyber security centre explains why.

https://www.ncsc.gov.uk/blog-post/problems-forcing-regular-password-expiry

flaneurs_lobster

onomatopoeia99 said:

Neil_Jones said:

 (this is why you should change passwords regularly)

Very bad advice.  The following article from the national cyber security centre explains why.

https://www.ncsc.gov.uk/blog-post/problems-forcing-regular-password-expiry

So in essence that article is saying that changing your password from "password123" to "password124" is a waste of time, especially if you forget to write down "password124" on the post-it stuck to your screen.

It cannot be true if you are changing your password from a 30 character string made up of uppercase, lowercase, numerics and special characters generated by a password manager to another similarly generated.

Annemos

Update on that Microsoft procedure I have now used to set up a new "Alias e-mail address": (I do not intend to give anyone this new e-mail address). 

-   This is working very well. NO unauthorised access has taken place since I changed to the Alias e-mail address. 

-   My new Alias is now my preferred log-in e-mail and my primary e-mail address. If anyone tries to log in to that old e-mail, it now says there is no account. 

-  I can see all my e-mails. I did a test and sent myself an e-mail from old e-mail address to new e-mail address and both show up fine. 

- For new e-mails I have the choice which e-mail address to use. 

- For any mail within a chain. which has already used the old e-mail address, then any replies also keep that old e-mail address (unless you go in and change it). 

flaneurs_lobster

Annemos said:

Update on that Microsoft procedure I have now used to set up a new "Alias e-mail address": (I do not intend to give anyone this new e-mail address). 

-   This is working very well. NO unauthorised access has taken place since I changed to the Alias e-mail address. 

Don't think that there was unauthorised access to your account (at least it was not mentioned by you), what you were seeing were failed login attempts.

If you want to make your email account more secure then you should add 2FA, the Microsoft help pages will give details of the methods you could use (I note you don't have a smartphone, this cuts down the options). 

Annemos

Oh thank you flaneurs_lobster. I do apologise, I wrote it down wrongly.  It was actually "unsuccessful sign-ins". 

So many of them were being attempted, I was worried someone would get in eventually.