How to safeguard Microsoft/hotmail.com/outlook.com account

 Let's say, your email address is xxxxxx@hotmail.com (it could be xxxxxx@outlook.com, it does not matter)

  1. Go to https://account.live.com/names/manage and create an alias yyyyyy@outlook.com

  2. Designate yyyyyy@outlook.com as a default alias

  3. Go to https://outlook.live.com/mail/0/options/mail/forwarding and set old email alias xxxxxx@hotmail.com as a default "From:" address

  4. Go to https://account.live.com/SignInPreferences and disable sign-in for xxxxxx@hotmail.com

Now, every attempt to login to xxxxxx@outlook.com triggers the error
"That Microsoft account doesn't exist. Enter a different account or get a new one."

See image https://i.postimg.cc/zvHpQkF0/error-no-account.jpg

You are still going to send by default from xxxxxx@hotmail.com
Obviously, keep yyyyyy@outlook.com completely private, use it for login only.

Of course, enable 2FA using TOTP (Authenticator) and/or hardware device (like Yubikey) regardless of everything else.

See also https://www.reddit.com/r/cybersecurity_help/comments/1ei0opf/attempts_to_hack_my_microsofthotmailcom_account/

Comments

Post a Comment

Popular posts from this blog

Workaround for synchronization error of Microsoft hotmail.com/outlook.com account on W10M Lumia

Image
MS Exchange and Active Sync protocols stopped working on all Lumia phones at the end of January 2024. What to do: Email (WP8.1 and W10M): use IMAP/SMTP with application password to connect to your hormail.comoutlook.com email address Calendar (W10M only): Use One Calendar app Contacts: no solution or use Memotoo.com service to sync with Google account _______________________________________________ The manual below is for archive purpose only, it does not work anymore. It is a known issue. For unknow reason, email, calendar and contact syncing stops working randomly. Workaround: Let's say your Microsoft account email is xxx@hotmail.com Remove this account from the list of email accounts but leave it as is as Microsoft account. At this point, your Microsoft account xxx@hotmail.com will be used only for  Store, MS Office, MS Weather and OneDrive but not for Email/Calendar/Contacts (disconnected from Mail client) Now second step: 1. Create ActiveSync account (Accounts-->Email
Read more

IMAP, POP and SMTP settings of email providers for legacy email clients without OAUTH2 support

Image
Gmail IMPORTANT: from May 2022 Gmail can no longer be used by third-party apps that do not support OAUTH2 with main Google password. You need to activate 2fa first and create Application Specific Password after this. How to activate 2FA: 1) First go to your google account and log in as usual. 1a) Turn on IMAP here  https://mail.google.com/mail/u/0/#settings/fwdandpop 2) go to this link https://myaccount.google.com/security 3) Goto  "2-step verification 4) Select 2FA method (SMS, TOTP client or hardware token) and enable it according to instructions 5) Do not forget to save or print recovery (backup) 2FA strings. You will need them in case you do not have access to your main 2FA method.  Once this is done, you return to the menu https://myaccount.google.com/security and now by having 2fa activated you can see under "application passwords" Create Application password with access to email (16 characters) Use this password with email clients. The settings are following: IMAP
Read more

Настройки IMAP, POP and SMTP для устаревших email клиентов без поддержки OAUTH2

Image
  Для использования email цлиентов на старых устройствах надо использовать «пароли для приложений» (application password). На «нулевом» этапе включаем опция «пароль для приложений». К сожалению, в большинстве случаев придется включить двухфакторную аутентификацию (2FA, two factor authentication), без которой нельзя сгенерировать пароль для приложения. Это может быть номер телефона / СМС, TOTP клиент (Google Authenticator, Aegis, Microsoft Authenticator) или Email (для hotmail.com). Eсли у вас телефон на Symbian или S40, то используйте totp-me https://sourceforge.net/projects/totpme/files/1.8.Final/ или lockore https://4pda.to/forum/index.php?showtopic=902807 или hotpants (последний раз обновлялся в сентябре 2022) https://github.com/baumschubser/hotpants/tree/master/dist A теперь — собственно к настройкам Gmail Прежде всего, включаем IMAP : https://mail.google.com/mail/u/0/#settings/fwdandpop Включаем Application Password 1) Идем на https://myaccount.google.com/security 2)  "2-step
Read more