cross-posted from: https://lemmy.world/post/12063839
Someone keeps trying to access my MS account
Like the title says, I’ve got yesterday an email with a code to access my Microsoft account and that made me suspicious because I wasn’t trying to login to my account. When I looked at the login attempts I saw that someone else was trying to access my account, I changed my password, activated TFA. Thinking of going through and buying a physical key like yubico to further secure my account. Any tips are appreciated.
Buy two ubikeys, one for you and one for your safe or lockbox.
Also use a password manager and don’t reuse passwords.
Might be a dumb question but can I use a yubico key for more than one device?
Yes!
In fact, I have an NFC one which id highly recommend and just scan my phone on it and log into my password manager.
Two is one, one is none though. You need to set up both keys on each website or app. Then lock one away.