Like the title says, I’ve got yesterday an email with a code to access my Microsoft account and that made me suspicious because I wasn’t trying to login to my account. When I looked at the login attempts I saw that someone else was trying to access my account, I changed my password, activated TFA. Thinking of going through and buying a physical key like yubico to further secure my account. Any tips are appreciated.
I appreciate when commenters end their first paragraph with bullshit so you don’t have to read any farther. I’d love to hear how you think they cracked your randomly generated password via brute force against Microsoft.