this post was submitted on 17 Feb 2024
135 points (96.6% liked)
techsupport
2473 readers
3 users here now
The Lemmy community will help you with your tech problems and questions about anything here. Do not be shy, we will try to help you.
If something works or if you find a solution to your problem let us know it will be greatly apreciated.
Rules: instance rules + stay on topic
Partnered communities:
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
What you need to realize is that for Microsoft, these attacks are constant. They deal with them basically 24/7/365. The target might change, but the attacks never stop.
Between Hotmail, Outlook, and exchange online (365) they're handling a large number of attacks per second all the time.
If they started to inform you about it, they would easily triple the emails they're handling due to all the failure messages.
This is nothing new to them, it's been going on since long before you noticed. Any MFA will effectively stop any attacker in their tracks. Make sure you have changed your password since you got that code sent to you, since that usually indicates a successful password breach.
Yubikeys are a good idea but you should always have a backup, so if you can afford it, buy two. One to carry, one to use. The downside is that each needs to be enrolled separately to each service that they're used for. It's not an issue to have multiple keys associated to the account, so that would be my recommendation.
I have a yubikey for work, and I use TOTP as a backup, and personally, I have a pair of Google Titan security keys. One to carry and one to stay at home.