Scary stuff
- Thread starter RavenLunatic
- Start date
Soldato
Seems I was breached overnight. I have 2FA on via google authenticator app. I get loads of attempts which by looking at this thread is nothing unusual or even worrying however this time they got a bit further. MS flagged it as unusual. I logged in and changed password via a code from the google auth app. I have also signed myself out of all other devices. Checked sent items and no emails have been sent.
Anything further to be worried about?
Anything further to be worried about?
If you had any app passwords set up for accessing email change them too.Seems I was breached overnight. I have 2FA on via google authenticator app. I get loads of attempts which by looking at this thread is nothing unusual or even worrying however this time they got a bit further. MS flagged it as unusual. I logged in and changed password via a code from the google auth app. I have also signed myself out of all other devices. Checked sent items and no emails have been sent.
Anything further to be worried about?
But I think the best thing to do, assuming you're using Outlook.com for your mail, is to disable POP and IMAP support on you account and either use their web based mail or a client that supports modern authentication. POP and IMAP don't have proper support for 2FA so are a weak point on your account.
Soldato
Thanks for that.
I'm using outlook app on both phone and laptop. Just logged into Live again from desktop and there are several more attempts but where it usually says unsuccessful, incorrect password entered (which doesn't bother me too much) the latest attempts are labelled as unsuccessful syncs. Does that mean they have cracked my new password already? Was a firefox strong suggested one. Or is it an example of 2FA working as planned and I shouldn't worry? I haven't had any 2FA requests by text or email or in the app by MS.
I'm using outlook app on both phone and laptop. Just logged into Live again from desktop and there are several more attempts but where it usually says unsuccessful, incorrect password entered (which doesn't bother me too much) the latest attempts are labelled as unsuccessful syncs. Does that mean they have cracked my new password already? Was a firefox strong suggested one. Or is it an example of 2FA working as planned and I shouldn't worry? I haven't had any 2FA requests by text or email or in the app by MS.
I'm not sure to be honest, but if you're already using the Outlook app then you definitely don't need POP or IMAP enabled which I believe are the source of those sync type attampts.
Log into Outlook.com on a computer then click the gear in the top right to access settings, click Forwarding and IMAP. You might be prompted to sign in again, after you do that then turn off POP and IMAP at the bottom.
Soldato
Microsoft is phasing out app passwords anyway. Mine stopped working about a month ago, 3rd party email clients now need to use OAuth 2.0 to sync to Outlook.
I would make sure app passwords is completely off, go to https://account.microsoft.com , expand "Security" then select Additional security options. Find "App passwords" then select "Remove existing app passwords".
If this is for "Automatic Sync" then unsuccessful syncs mean they have the wrong IMAP/POP3 password to access your account. You should be safe.
I would make sure app passwords is completely off, go to https://account.microsoft.com , expand "Security" then select Additional security options. Find "App passwords" then select "Remove existing app passwords".
Soldato
Cool, thanks. Yep Automatic Sync. Still loads of attempts from multiple worldwide locations but nothing got through. Have turned off app passwords
