Like the title says, I’ve got yesterday an email with a code to access my Microsoft account and that made me suspicious because I wasn’t trying to login to my account. When I looked at the login attempts I saw that someone else was trying to access my account, I changed my password, activated TFA. Thinking of going through and buying a physical key like yubico to further secure my account. Any tips are appreciated.
PSA: you can add mail aliases for outlook and set one of the new aliases as your only valid login address. That way no one knows your login email address in the first place.
What a great tip. Thanks!