I see lots of failed attempts to login to my account, should I do anything?

//

Hi, Leo. I was changing my password tonight on Hotmail and went into a section I never noticed before called recent activity. I was shocked to see that in the past two weeks there were a ton of failed attempts from nearly every country on the map that had tried to login to my Hotmail account. Is this normal? Should I be scared? Should I close the account? I’ve had this account since 1997 so it has lots of information about me in different folders. Thanks.

Honestly, what you’re seeing doesn’t surprise me. I do have some suggestions on what you should do, but closing your account isn’t one of them.

Become a Patron of Ask Leo! and go ad-free!

Recent activity in Outlook.com

I actually didn’t know that Outlook.com (Hotmail) would show recent activity. I’m pretty pleased that it does. So for those who haven’t seen it yet, click on the gear icon when you’re logged into Outlook.com; click on Options; click on Account Details and then on the left-hand side, you should see something called Recent Activity. Click on that.

Or, you can go directly to https://account.live.com/activity. You will, of course, need to confirm your password for security.

Recent Activity

I did this on another account, and I noticed that someone had attempted to access my account from France, Japan, Ecuador and the Netherlands.

Attacks are constant

One thing that everyone really needs to realize is that our accounts are pretty much under constant attack. Or at least, we certainly need to act like they are. Hackers or bots or who knows what else are basically trying to get in by just about any means into any account that they can find.

They’re typically unsuccessful, but it only takes once to get hacked. And from their perspective, even if they trigger a million automated attempts and they get into only one account, they’re successful.

Secure your account

The single most important thing you can do is secure your account with a good password. The longer the better and the more random the better. Ideally, you’d use a password manager like LastPass to remember them for you – so that you can choose something that’s completely random; so random that there’s simply no way to remember it.

And of course the other thing you need to do is never, ever use the same password on more than one site. Very often these hacking attempts that you see are actually the hackers exploiting data that they may have found somewhere else. Perhaps a different account has been hacked and they’re simply trying the password they found there at every other account they can think of that might possibly be related.

Consider two factor authentication

I also strongly suggest setting up two-factor authentication for any account that you consider to be particularly sensitive. When you’ve got two-factor authentication, it’s not enough to just know the password. You can have the password and still not get in. You also have to prove that you’re in possession of the second factor.

In my case, as an example, I need both my password and a number generated by an application that’s on my smartphone in order to login to my Outlook.com account. Even if a hacker gets my password, they still can’t login because they don’t have that second factor. Yes, it sounds like it could be a little annoying to have to have that second factor for every login. But in reality, you don’t; there are some shortcuts you can take that to make it easier on computers use regularly.

But what’s important is that someone coming in from a brand new location elsewhere on the planet cannot use those shortcuts. They must have that second factor which of course, they won’t.

Ultimately, in your scenario, I really don’t think there’s anything to be truly concerned about. It is, however, a very real reminder of just how important password and account security really is.

27 comments on “I see lots of failed attempts to login to my account, should I do anything?”

  1. I got caught with this the other night to the point that it kept me up till early in the morning changing my passwords etc thinking someone was trying to get some info about something personal Until I worked out that the places from around the world I was getting attacked from were actually my other email sites that I had given permission to collect my outlook email from, so I could read outlooks email from a different Mail site like YandexMail from Russia if I wanted to , & that the false Logins were because I had changed my password on outlook earlier which caused false logins..
    And as soon as I went to Yandex for example & changed the password for the email address That it then stopped & I was able to go to bed.
    So I would suggest anyone else to think of any other websites or Email sites that have been given permission to collect or check their email from.
    AnyWay I think this may help someone as it helped me.

  2. I was surprised as well to find the recent activity option in Outlook.com. Gmail is my main email and I let it collect mail from Outlook. My activity shows a successful sign-in about every hour, presumably from Gmail.

  3. I’m in a difficult situation. I made the mistake of blowing the whistle on a fellow employee who did something illegal amongst other unethical things. Instead of investigating him, my boss has me under investigation and is trying to establish grounds for termination. When the investigation started (4 months ago), I suddenly noticed a series of failed attempts to login to my personal email account. The attempts stopped when the investigation ended. I was cleared of his false complaints, but he has kept me under his own investigation and has been harassing me. I just got demoted, the guy I reported was promoted and now I’m under investigation by HR, again, and the failed login attempts have started again. Is there anything I can do about this? They appear to be using TOR servers when trying to access my email. I’ve been trying to ride this out, but I’m at my wits end.

    • Gary, it has been so long since you posted your concern about you blowing the wistle on someone but I would like for you as well as anyone else reading your comment to know; it is illegal for someone to retaliate against a person for blowing the whistle. You could seek legal assistance for this problem. There are attorneys that have free consultations. I would suggest you take that step because people that think they are above the law will continue to retaliate unless they are stopped through the legal process.

  4. I’ve just checked my “recent activity” in outlook and have discovered multiple SUCCESSFUL login attempts from my home country (I’v.e been overseas of more than 2yrs). I’ve changed passwords on critical accounts. But I am freaking out. I’m not in the same position as Jason above – I haven’t given permission to any other sites to access my Hotmail account. How do I find out who has been hacking my account – I have the IP address and approximate location from the “recent activity” details. What else can I do??

    • To the best of my knowledge you cannot find out who. Perhaps with lawyers and a court order – if there’s sufficient reason to involve them – but as an individual that information is simply not made available.

  5. I checked the Recent Activity on my outlook.com email account. Wow! Every half hour I see someone is unsuccessful in trying to log into my account: I’m happy to say that they don’t have the right password. Just to be careful, I changed it tonight. A strange thing is that the IP address associated with this unsuccessful log in is my own IP address; this is too strange. It is as though I am trying to sign in to outlook every half hour and using an incorrect password. I now use a wildly random 15-character password generated with LastPass (a really great password management program) so I feel pretty secure thinking that they won’t ever gain the password. However, it is very upsetting to think that someone is continuing to try to get into my account. I’ll consider two-factor verification to be more secure. I wish Microsoft would step forward and offer to track down the individuals who are behind this mischief.

    • If it’s coming from your own IP address then it’s more likely some program that you’ve configured with your Microsoft account and forgotten about. Nothing mischievous about it at all.

  6. I’m seeing successful sign ins from hub cities almost every day this month. I just discovered this last night. Mostly in Chicago, Atlanta, and Kansas City. I have used Copy.com to transfer some audio files to a client. Could this be what is doing this?

    I changed my password yesterday and noticed another successful sign in this morning. Is this something related to iCloud? If it were a hacker, wouldn’t it show an unsuccessful password attempt since I have now changed my password?

    Thanks!

  7. Leo, just want to say you site is very good and useful. I am glad you share you knowledge with us and your remarks and advices are great.
    Thank you.
    All the best,
    Isac.

  8. How far back does activity go? I can’t get to it yet because I need to send a code to my other account to view it, but I know my account has been hacked and wondered how far the data goes – 2 months? Or recent, recent?

    I also know this because 7 days ago my account changed to the Outlook Web Access without any prompt and without a tutorial!! I didn’t do this, so it must be someone accessing the account. Very worried! I also don’t have 360 on my account so can only imagine this has been linked by an exchange account or business account (as it says I have in my settings!) but don’t! Please help.

  9. My boyfriend tried to open his hotmail while on my computer about 3 weeks ago but because we were in Asia, hotmail would not open. He just wrote me today that he has received about 10 emails about failed attempts to open his account and the one he just forwarded to me gives my IP address. I had not cleared the cookies from my computer (but now have) but I have a strong anti-virus. For some reason sometimes MSN’s homepage opens automatically and sometimes I do read the articles. I thought maybe the MSN homepage was trying to open hotmail and hence his account. However the timing of the message from today does not match my history for MSN today. Could this be a virus? I certainly look bad as it looks like I am trying to hack his email. I am using a hotel wifi system where the room number and name have to be input.

    • These are cookies at work. They are supposed to make life easier. Some sites don’t have an option to “remember password” it just does it.
      When signing into ANYTHING that’s not my own pc, I always use ctrl+shift+p to open a private browsing window. This won’t store any cookies from my session.
      Had your bf done this, there would be no issue. Facebook is known to operate on this level as does Google/YouTube. Mostly for sale of voting as their content spreads wide and has integration with many websites for comments.

  10. MY android has consistently been buzzing the same message over and over, about 3 weeks, causing the battery in my phone to be used up quicker. The repeated message is very bothersome. I would like for it to stop. Makes me regret using Outlook.com
    message; failed to log-in @outlook.com
    1-6-2016

    Thank you for any help,
    blessings,
    Petie

  11. I’ve got a king size pain in the behind trying to get into my personal BT email address, as the amount of times I’ve had to change my password this past fortnight has been crazy, but mostly annoying. I’ve even got onto British Telecom about it too, to which the only thing they’ve advised me to do is change my security question too. That which I did last night, but trying to log into my email two minutes ago, it’s stated you’ve had too many attempts, please try again after 15 minutes. With the phone call I had with BT the other day too, I clarified as to whether you’re allowed 3 attempts to login to your email, which they said, “Yes”. But it was only one attempt I did two minutes to log into my email account, and it chucked the, “Please try after 15 minutes”, so it’s plain to see some plank is trying to get into my emails. How do I stop this altogether?????

  12. I’ve noticed in the past 2 weeks someone has been trying to get onto my Gmail acct. Every few minutes someone tries to get in it and each time the phone tells me that the login in is unsuccessful. Should I be concerned? What can I do to prevent them from getting in? I already have a long password which is why they’re not sucessful in getting in. Please advise as I’m afraid the will eventually get in and steal my personal information, thank you.

  13. Hi whenever I try to log in they tell mi forgot password.I tried to reset a new psswrd I don’t knw whether I was successful am confused am update d couldn’t sign in.

  14. How is it that someone even gets the opportunity to try and access your outlook account ?

    Whatever mechanism it is, surely it’s THAT that needs to be addressed.

    • The opportunity is internet access and a keyboard. A login field is open text, anyone can try to get into anyone’s account.
      Step one is finding your mark. If you enter you email to sign up to a website, and they sell your email address as part of data sale, who k does who they in turn sell that for.
      Also posting your email address in plain text on a site is top reason.

  15. Sir my password has lost and unfortunately I removed my mobile no and email from my account,I’m trying to reset bt no more option to get a code,and i dosent see the no longer this option any pageso plz advice how to get my password

    • Your only options will be the ones that are provided to you. If you removed your mobile number and alternate email then your choices will be very limited.

  16. Theres someone trying to fetch my playstation network password, about every hour of the day, i get e-mails of the reset ur password thing.. what can i do..?
    Also yesterday, someone from japan succesfully logged into my google account, but the acces got blocked, because i have the mobile authenticator on.. how can i get these people to stop attacking me..?

    • What you can do is already discussed in the article. The most important thing is a long password, at least 14 characters. A good password should defend against all attempts (providing the websites you log on to do security right). I’m guessing your Google account had a short or easy guessable password.

Leave a reply:

Before commenting please:

  • Read the article. Comments indicating you've not read the article will be removed.
  • Comment on the article. New question? Start with search, at the top of the page. Off-topic comments will be removed.
  • No personal information. Email addresses, phone numbers and such will be removed.
  • Add to the discussion. Comments that do not — typically off-topic or content-free comments — will be removed.

All comments containing links will be moderated before publication. Anything that looks the least bit like spam will be removed.

I want comments to be valuable for everyone, including those who come later and take the time to read.