Is this suspicious? (MS Account Activity)

Scarletpimpofnel

Original Poster:

881 posts

24 months

Saturday 11th February 2023
My email address that I use for many things has been obtained by hackers, as HaveIBeenPwned shows it was in two data breaches. My passwords are strong so I'm not worried about those, and I am about to move to a password manager shortly.

The entry below in my MS account login log looks suspicious to me though. The top one is just some hacker chancing their luck at guessing my password, occasionally they (or others) try to get a one time code too as that comes to my email address. However the bottom one I do not understand. Is this someone trying to access my email account (which has 2FA on it) via some back door smtp/exchange type connection or is it simply a legitimate connection that has failed? Anything to worry about? Anything I should do?

The black lines are my email address that I have hidden. The IPs are not mine.

Thanks


somouk

1,425 posts

204 months

Saturday 11th February 2023
Looks like someone tried an ActiveSync session instead of trying to connect via the web UI. These routes often don't trigger password lockouts as easily, and they can script the attempts more easily as it is a command line tool. Smarter way to work for them.

Scarletpimpofnel

Original Poster:

881 posts

24 months

Saturday 11th February 2023
Thanks. As I have 2FA on my MS account, does this mean they have zero chance of getting into my account through brute force password attempts alone?

Am I at risk in any way? Ty

somouk

1,425 posts

204 months

Saturday 11th February 2023
Can't say I've ever checked if 2FA would apply to an ActiveSync request. I doubt very much whether it would, as the protocol isn't generally set up for it.

Scarletpimpofnel

Original Poster:

881 posts

24 months

Saturday 11th February 2023
Ok thanks. Seems like a back door around 2FA then.

What’s worrying is I get some emails from MS telling me I’ve requested a one shot login code but these don’t appear in their online log so I’m not sure their log gives me a full view of all attacks.

Quite worrying but I imagine it’s the same for everyone almost.

b0rk

2,345 posts

152 months

Saturday 11th February 2023
ActiveSync with modern authentication supports 2FA; basic authentication doesn't. However, is this a business/enterprise account or consumer?

@outlook, @hotmail or @live mail now use Office 365 in the background and by extension ActiveSync with modern auth.

TLDR: You are probably okay unless business/enterprise with basic authentication still enabled. MS are in the process of disabling basic authentication for all tenants.

Scarletpimpofnel

Original Poster:

881 posts

24 months

Saturday 11th February 2023
It’s a Hotmail address so hopefully uses 2FA.

Very annoyed that a vendor I was using got hacked and my email address is now in the millions being exchanged between hackers to have a go at.

Sheepshanks

34,458 posts

125 months

Saturday 11th February 2023
Scarletpimpofnel said:
It’s a Hotmail address so hopefully uses 2FA.

Very annoyed that a vendor I was using got hacked and my email address is now in the millions being exchanged between hackers to have a go at.
So many sites have been breached it would be pretty amazing if your email address wasn't listed on HaveIBeenPwned.

Captain_Morgan

1,243 posts

65 months

Sunday 12th February 2023
Scarletpimpofnel said:
It’s a Hotmail address so hopefully uses 2FA.

Very annoyed that a vendor I was using got hacked and my email address is now in the millions being exchanged between hackers to have a go at.
I was once given the secret to prevent this, never use your email & then it can’t be captured in a site hack...

buggalugs

9,243 posts

243 months

Sunday 12th February 2023
It uses OAuth, which means you go through the initial sign-in flow using 2FA + password and then get a unique token back; subsequently your ActiveSync device just provides that token to authenticate. This is how you can view individual devices and sign devices out etc. centrally by just killing that device's token. A failed ActiveSync auth would be someone trying an invalid token.
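The two ActiveSync paths described in the thread (b0rk's basic-vs-modern auth point and buggalugs' per-device token model), as an added toy model that is not part of the original thread and not Microsoft's code. The `Tenant` class, its method names and the sample password are all constructed for illustration; it shows why a correct password alone fails against modern auth, why it succeeds where basic auth is still enabled, and how revoking one device's token produces the kind of failed ActiveSync entry the OP saw.

```python
import hmac
import secrets
from dataclasses import dataclass, field

@dataclass
class Tenant:  # constructed toy mailbox service, not a real Exchange/M365 API
    password: str                  # the user's password (constructed sample value)
    basic_auth_enabled: bool       # legacy path: a bare password is accepted
    device_tokens: dict = field(default_factory=dict)  # device_id -> opaque token
    log: list = field(default_factory=list)            # (device, protocol, outcome)

    def modern_sign_in(self, device_id, password, mfa_code_ok):
        """Interactive OAuth-style sign-in: password AND 2FA, then a per-device token."""
        if not (hmac.compare_digest(password, self.password) and mfa_code_ok):
            self.log.append((device_id, "interactive", "failure"))
            return None
        token = secrets.token_urlsafe(32)
        self.device_tokens[device_id] = token
        self.log.append((device_id, "interactive", "success"))
        return token

    def activesync_request(self, device_id, token=None, password=None):
        """Sync request: bearer token (modern auth) or, only if enabled, bare password."""
        expected = self.device_tokens.get(device_id)
        if token is not None and expected is not None and hmac.compare_digest(token, expected):
            self.log.append((device_id, "activesync", "success"))
            return True
        if self.basic_auth_enabled and password is not None and hmac.compare_digest(password, self.password):
            # Basic auth never passes through the 2FA step: the password alone is enough.
            self.log.append((device_id, "activesync-basic", "success"))
            return True
        self.log.append((device_id, "activesync", "failure"))  # the "unsuccessful sync" entry
        return False

    def sign_out_device(self, device_id):
        """Central revocation: dropping the token signs out that device only."""
        self.device_tokens.pop(device_id, None)

def demo():
    modern = Tenant(password="correct horse", basic_auth_enabled=False)
    tok = modern.modern_sign_in("phone", "correct horse", mfa_code_ok=True)
    results = {"token_ok": modern.activesync_request("phone", token=tok),
               "password_alone_modern": modern.activesync_request("unknown-device", password="correct horse")}
    modern.sign_out_device("phone")
    results["token_after_revoke"] = modern.activesync_request("phone", token=tok)
    legacy = Tenant(password="correct horse", basic_auth_enabled=True)
    results["password_alone_basic"] = legacy.activesync_request("unknown-device", password="correct horse")
    return results
```

Inspecting `modern.log` after `demo()` shows the revoked phone's retry and the password-only attempt both recorded as ActiveSync failures, which is the sort of line a user sees without it meaning the account was entered.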