cross-posted from: https://lemmy.world/post/12063839

Someone keeps trying to access my MS account

Like the title says, I’ve got yesterday an email with a code to access my Microsoft account and that made me suspicious because I wasn’t trying to login to my account. When I looked at the login attempts I saw that someone else was trying to access my account, I changed my password, activated TFA. Thinking of going through and buying a physical key like yubico to further secure my account. Any tips are appreciated.

  • @[email protected]
    link
    fedilink
    English
    11
    edit-2
    10 months ago

    Buy two ubikeys, one for you and one for your safe or lockbox.

    Also use a password manager and don’t reuse passwords.

    • @daft61lunacyOP
      link
      310 months ago

      Might be a dumb question but can I use a yubico key for more than one device?

      • @[email protected]
        link
        fedilink
        English
        6
        edit-2
        10 months ago

        Yes!

        In fact, I have an NFC one which id highly recommend and just scan my phone on it and log into my password manager.

        Two is one, one is none though. You need to set up both keys on each website or app. Then lock one away.