For the last year, I’ve been having an issue with my main Microsoft account and it has been driving me crazy.
Specifically it’s these email requests :
At first, you might be wondering why I’m dedicating a post on my blog to a one time code email, and these sort of emails might be useful, especially in a case where your password is potenially out there and someone’s trying to access the account. Who should be mad?
Well these emails don’t come from password attempts, they come from one time passcode requests and interestingly you don’t need a correct password to even send a request :
Whilst I would just create a rule to block these notifications, I would like to know if someone was requesting a one time code and actually had my password rather then just blindly ignoring all these notifications.
I even went as far as swapping the email address of the microsoft account and I’m still getting these emails associated with the original email address. I’m not sure what to do.
And to make things even more confusing, my account security in Microsoft dashboard shows nothing so I’m certain my password is not comprimised.
Forum discussions about this issue specifically :
- https://answers.microsoft.com/en-us/outlook_com/forum/all/receiving-unsolicited-one-time-usage-code/a99e8c30-4fb6-4b27-80c1-abf79459ea65
- https://www.reddit.com/r/cybersecurity_help/comments/17e2ur8/multiple_singleuse_code_emails_received_from/
I’ll write a follow up if I get to the bottom of this.
Oliver Dimes Blog 
Leave a comment