Hotmail MFA question

autumn

hey all

I'm not a Hotmail fan and haven't dealt with it for a long time. However, I currently have a client that uses it for their business (I know, I know, they have a domain name, but they can do this stuff better than me, lol). Anyway, it looks like their password has been compromised and it has been reset. MFA (it is a paid Outlook account) is set up, however it only seems to kick in when you go into the forwarding settings. I can log in with just the username and password on multiple browsers without it prompting for the MFA. Am I missing something?
 
Forwarding and resetting the MFA tokens are the "high risk actions" where MFA enforcement is guaranteed to happen.

It's stupid too, because the authorization tokens for Outlook.com accounts are valid FOR WEEKS. So even if you fully recover the account, you can't really kick the attacker out.

You'll have to do the account recovery dance, and that's not an easy thing to do.
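The two mechanics this reply describes, MFA that is only demanded at "high risk actions" rather than at login, and sessions that outlive a password reset, are easier to reason about in code. The following is an added toy model written for this thread; it is not Microsoft's implementation and not code from anyone in the thread. The service, account, action names and the two-week token lifetime are all assumptions chosen for illustration. It shows that a step-up gate protects the forwarding change but does nothing for an attacker who just reads mail, and that a password reset only evicts an existing session if the service deliberately ties sessions to a "generation" counter it bumps on reset.

```python
"""Toy model of step-up MFA and password-reset session handling.

Hypothetical illustration written for this thread; it is NOT Microsoft's
implementation. Names, actions and lifetimes are assumptions.
"""
import hashlib
import hmac
import secrets
import time
from dataclasses import dataclass
from typing import Optional

# Assumed "high risk" actions that trigger a step-up MFA prompt.
HIGH_RISK_ACTIONS = {"set_forwarding", "reset_mfa"}
# Assumed weeks-long session lifetime, as the reply above describes.
TOKEN_LIFETIME_S = 14 * 24 * 3600


def _hash(password: str, salt: str) -> str:
    # Toy hashing only; use a real KDF (argon2/scrypt/bcrypt) in practice.
    return hashlib.sha256((salt + password).encode()).hexdigest()


@dataclass
class Account:
    username: str
    salt: str
    pw_hash: str
    generation: int = 0  # bumped on reset when sessions are revoked


@dataclass
class Session:
    username: str
    generation: int      # account generation at the time the token was issued
    expires_at: float
    mfa_done: bool = False  # set once the user passes a step-up challenge


class AuthService:
    def __init__(self, revoke_sessions_on_reset: bool):
        self.revoke_sessions_on_reset = revoke_sessions_on_reset
        self.accounts: dict[str, Account] = {}
        self.sessions: dict[str, Session] = {}

    def register(self, username: str, password: str) -> None:
        salt = secrets.token_hex(8)
        self.accounts[username] = Account(username, salt, _hash(password, salt))

    def login(self, username: str, password: str, now: float) -> Optional[str]:
        """Password-only login: no MFA prompt here, mirroring the thread."""
        acct = self.accounts.get(username)
        if acct is None or not hmac.compare_digest(acct.pw_hash, _hash(password, acct.salt)):
            return None
        token = secrets.token_urlsafe(32)
        self.sessions[token] = Session(username, acct.generation, now + TOKEN_LIFETIME_S)
        return token

    def _valid(self, token: str, now: float) -> Optional[Session]:
        s = self.sessions.get(token)
        if s is None or now > s.expires_at:
            return None
        # A session issued before a generation bump is dead, even if unexpired.
        if s.generation != self.accounts[s.username].generation:
            return None
        return s

    def step_up(self, token: str, otp_ok: bool, now: float) -> bool:
        """Step-up MFA: otp_ok stands in for a verified second factor."""
        s = self._valid(token, now)
        if s is None or not otp_ok:
            return False
        s.mfa_done = True
        return True

    def perform(self, token: str, action: str, now: float) -> str:
        s = self._valid(token, now)
        if s is None:
            return "session_invalid"
        if action in HIGH_RISK_ACTIONS and not s.mfa_done:
            return "mfa_required"
        return "ok"

    def reset_password(self, username: str, new_password: str) -> None:
        acct = self.accounts[username]
        acct.salt = secrets.token_hex(8)
        acct.pw_hash = _hash(new_password, acct.salt)
        if self.revoke_sessions_on_reset:
            acct.generation += 1  # invalidates every token issued so far


def mfa_gating_demo() -> tuple:
    """Reading mail needs no MFA; changing forwarding does, until step-up passes."""
    svc = AuthService(revoke_sessions_on_reset=True)
    svc.register("client", "pw")
    now = time.time()
    tok = svc.login("client", "pw", now)
    before = svc.perform(tok, "read_mail", now)
    gated = svc.perform(tok, "set_forwarding", now)
    svc.step_up(tok, otp_ok=True, now=now)
    after = svc.perform(tok, "set_forwarding", now)
    return before, gated, after


def attacker_session_after_reset(revoke_on_reset: bool) -> str:
    """Attacker logs in with the leaked password, owner resets it; a week later?"""
    svc = AuthService(revoke_sessions_on_reset=revoke_on_reset)
    svc.register("client", "leaked-pw")
    t0 = time.time()
    attacker_tok = svc.login("client", "leaked-pw", t0)
    svc.reset_password("client", "new-strong-pw")
    return svc.perform(attacker_tok, "read_mail", t0 + 7 * 24 * 3600)


if __name__ == "__main__":
    print("MFA gating (read, forwarding, forwarding after step-up):", mfa_gating_demo())
    print("Attacker after reset, no revocation:", attacker_session_after_reset(False))
    print("Attacker after reset, with revocation:", attacker_session_after_reset(True))
```

The takeaway for the thread's situation is the second scenario: if the provider does not bump the generation (or otherwise revoke tokens) on reset, changing the password alone leaves the attacker's existing session reading mail until it expires, which is exactly why the reply says recovery is needed rather than a reset.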
 
I've been able to remove any unwanted log ins.

And as mentioned, MFA is enabled and only seems to work when you go into the forwarding settings of the account. I've never accessed the account before and was able to log straight into the account with the username and password, no MFA required (but it is enabled); it is only when you click on Settings -> Forwarding that it prompts for MFA. I find this odd. Why wouldn't it do the MFA when you first log in?
 
Because that's security defaults... insane... but real.