Keep Intruders Away From Your Microsoft Account By Following These Steps
Contents
If you use Microsoft’s apps and services, like Microsoft 365, Outlook, and Teams, you have a Microsoft account that you use to log in to them. Since your data can be confidential and sensitive, you don’t want it to fall into the wrong hands or lose access to your account. So, conduct regular checks to ensure your account hasn’t been compromised. Since hackers generally attempt to gain access from foreign countries or via a VPN, a good way to check if your account is safe is by checking if it has been accessed from a different country.
There are several ways to do this. Go through every method to ensure your account is safe. It only takes a few minutes, and you can rest assured that your Microsoft account is safe and hasn’t been compromised. While you can perform most of the steps on any device, a few may require a Windows PC.
Related
World Password Week 2025: AP’s expert tips to stay safe online
The words we trust โ and the risks we forget โ in our online lives
6 Check recent sign-in activity
Identify all the sign-in attempts
Microsoft maintains a log of sign-in attempts to your account. Regardless of whether the login was successful or not, Microsoft reports the date, time, and location of the login attempt. You can use this to verify if someone else has logged in to your account from a different location. To do so, go to the Microsoft account dashboard and log in with your credentials. Then, navigate to the Security tab in the left pane.
Now, click View my sign-in activity under the Accounts tab. Here, you’ll see all the login attempts that were made to access your account. For successful logins, check the IP address and country associated with it by clicking that entry. If you spot a location that’s different from where you were at the time of login, it’s a red flag. Change your password and enable two-factor authentication.
5 Verify connected devices
Make sure all the devices are yours
Along with sign-in activity and attempts, Microsoft allows you to check all the devices linked to your Microsoft account. This could be your desktop PCs, laptops, and any device where you logged in with your Microsoft account. Go through the list of devices and check if you can identify all of them. If there is a suspicious device that you don’t recognize, it could be a login from a different region or country.
To check the list of devices, go to your Microsoft account’s dashboard and navigate to the Devices tab in the left pane. Go through your list of devices and check for anything suspicious. Sometimes, you can view the location of a device logged in to your account. If that’s possible, check for any device that’s logged in from a different location or country. Remove any devices you don’t recognize, and change your account password immediately.
Related
4 Review email and SMS alerts
Keep an eye on your inbox
Microsoft sends you an email or a text message every time someone tries to log in to your account. This can be a cue to check if someone used your credentials and signed in to your Microsoft account from a different country. First, check your phone to see if you received an SMS with details about a login attempt. If you don’t see it, check your email inbox.
Go to the email ID with which you signed up for a Microsoft account. Search for Microsoft in the search box and go through the results. If you see an email that says unusual sign-in activity, open it and check the country and IP address mentioned in the email. If it displays from a country that’s different from where you are, take measures to secure your account and prevent unauthorized access. This is why it’s important to keep an eye on your inbox to spot any such emails.
3 Check Windows Event Viewer for login details
Catch intruders using your PC
There’s a chance that intruders or hackers may have gained access to your Windows PC to get to your Microsoft account. If that’s the case, you can’t use the methods mentioned above, as they are restricted to detecting logins into your Microsoft account. However, Windows has a built-in tool called Event Viewer that you can use to detect logins on your PC from a different location.
Use the Start menu to look for Event Viewer. Open the app and navigate to Windows Logs > Security. Here, look for event ID 4624, which denotes logins. Select the relevant entry and check its properties. You should find the IP address of the login. Now, open an IP address checking tool, enter the address, and check the location. If it’s from a different country, your PC’s security has been compromised.
2 Look for unfamiliar apps and services
Remove potential malware
If your PC has been compromised and you can’t detect it using the previous method, look for apps and programs you may not have installed. Attackers may have installed keyloggers or apps with malware on your computer to steal your data. Check your computer for such apps and files if you detect something is fishy with your account or PC.
Go through the list of installed programs on your computer and keep only those you installed. If you see something you don’t remember downloading, delete it to avoid issues. Also, look for apps that may have a name or label in a foreign language. This is also a good indicator that your account was compromised in a different country.
1 Analyze traffic sources using Resource Monitor
Check the IP address of Microsoft services
Similar to how Event Viewer shows the login sessions on your PC, another native app on Windows monitors network connections. It’s called Resource Monitor, and you can use it to check if your Microsoft account has been compromised. It detects which servers are contacted by a Microsoft app running on your computer. If the IP address matches your local one, you don’t have to worry about anything.
However, if some IP addresses belong to other countries, your account may be at risk. To verify, open the Resource Monitor app by looking for it in the Start menu. Also, open Outlook, Teams, or another Microsoft app that requires an internet connection. Then, go to the Network tab inside Resource Monitor and expand the TCP Connections window. Select the Microsoft app you launched and note the IP address. Verify which country it belongs to. If it’s from a different nation, your account may be compromised.
Related
Does a password manager actually keep your accounts safe?
You could be trusting your entire digital life to one login
Protect your precious data
If someone accessed your account from a different country, your security was breached by an attacker, or your password appeared in a data leak. The best solution is to sign out of all linked devices, change your Microsoft account’s password, and log in via trusted devices using the Wi-Fi network at home or your workplace. To avoid such situations, don’t use the same password on multiple sites and use a strong password that consists of numbers and symbols. Also, use a password manager to generate and store your passwords in one place.
