Like the title says, I’ve got yesterday an email with a code to access my Microsoft account and that made me suspicious because I wasn’t trying to login to my account. When I looked at the login attempts I saw that someone else was trying to access my account, I changed my password, activated TFA. Thinking of going through and buying a physical key like yubico to further secure my account. Any tips are appreciated.
They cracked my password from a German VPN about a month ago. I Changed to passwordless within mins.
They seem to be really targeting Microsoft users, I am suprised Microsoft hasn't released a statement.
That’s what bugs me, they have been trying from January and no notice from MS.
Yeah my account has been hit since the end of December every 7 or so days.
The only things I've got in my account are some windows 7 / 10 licence keys and a migrated Minecraft account. Really not a concern to me if they can somehow get past 2FA.
The lack of response from MS is pretty shit, and to be expected from MS.