Yup, that would indicate that likely a bot is trying to guess it’s way in.
You are still safe.
The only weird thing here is that Microsoft lets such things bother you instead of guessing that you didn’t teleport to Brazil and instead putting a little extra burden on the Brazil end before sending you an email.
If you’re still feeling worried, the biggest thing you can do is enable two-factor auth (which you should do anyway), or even better: enable something like passkeys which are very secure and also easier than username/password.
Two-factor/password manager is the “remember to brush and floss” of the security industry, so… Please do those things. :)
skullgiver@popplesburger.hilciferous.nl 4 months ago
prettybunnys@sh.itjust.works 4 months ago
FWIW Microsoft does a blind token here meaning they send it if your password is correct or not.
skullgiver@popplesburger.hilciferous.nl 4 months ago
prettybunnys@sh.itjust.works 4 months ago
It’s just login attempt when you’re setup this way.
It happened to my account AFTER I changed the password.
I do not believe accounts are setup this why by default and Microsoft does encourage you to use better 2fa as well.
Requiring a token + password before authentication is attempted is common, the password being entered triggers the token but it doesn’t mean you’re in.
This is not Microsoft doing something wrong, it’s Microsoft protecting an account that ought to have been protected better.
OP needs to go in and configure actual 2factor