#Possible Crisis - Authenticator Just Gave me an unwanted Code

My phone just got a notification for a code, even though I haven't tried to log in. Has someone somehow gotten my password???

Might have, but probably stopped via 2FA. Change your password and log out of everything

check the session history

How do I do that?

one sec, trying to find the direct link

https://account.live.com/Activity there you go

look for failed attempts

Seems like I found it, but none of the devices seem to be out of the ordinary.

Two at 6 and 6:01 PM + one now, all three are me and successfull.

Changed the passord just in case, but do I then need to turn off and on 2FA again and get new backup codes + app password?

no real need for that I think

but I would recommend disabling SMS 2FA

oh?

SMS 2FA is way less secure than any other 2FA methods since SMS is inherently insecure

Don't understand why my Auth. app alerted me of a sign in verification with a choice of three set of codes, when I didn't log in or do anything new and nether the Activity or Devices area of Account Microsoft website shows any sign of new devices that doesn't belong to me or any sign in other than my own.

I get it now, for some reason Microsoft have changed it to when you log in to new places, browsers, IPs etc. it defaults to "ask for a code in Authenticator" now where you can easily jump in with the app by verifying the login instead of just writing in your password. So nobody had my password or access to my account to begin with, just entered my email and pressed "login with code" nonsense.

that's precisely what 2FA does

asking for more than "just your password"

Have had 2FA activated for years, of course its a nice and secure feature. However, a little weird to have that as default instead of doing that after writing in your password like it used to.

I don't even have a password anymore

I'll mark this as solved then