Late yesterday I found my MSOutlook (hotmail e-mail) session had been closed. There was an error message saying
You need to sign in. Your session has expired. You may need to enable pop-ups in your browser for this site. Sign in to continue.
I don’t recall ever seeing this before and since it has a Sign In button and will, of course, ask for my e-mail password again I was suspicious. So I didn’t try to sign in.
I’ve just fired up my laptop and tried to log in to the hotmail account from there and access is blocked on that machine too. They’re asking me to enter a phone number so they can SMS me a verification code which will allow me to log back in to my hotmail.
If these are Bad Guys somehow coming at me via different attempts (by me) to log in to my e-mail then I’m reluctant to give them my phone number as well. But if they really are Microsoft then maybe I have to ?
Does any of this make sense ?
I don’t think I’ve ever registered a phone number with Microsoft for account recovery. But I have registered an alternative e-mail address.
Do you see a lock icon by the URL, or a similar symbol to indicate at least that it’s a secure connection? You can also check for https vs http at the beginning of the URL. That will at least tell you if you’re on the right domain.
MS will certainly try to steer you towards having some degree of 2-Factor Authentication set up, which is generally via a phone number.
Well the process seems to have worked. I updated the laptop and logged into hotmail, having jumped through MS’s version of Captcha and entered their SMS’d code, and now my e-mail is accessible again.