- cross-posted to:
- [email protected]
- cross-posted to:
- [email protected]
Like the title says, I’ve got yesterday an email with a code to access my Microsoft account and that made me suspicious because I wasn’t trying to login to my account. When I looked at the login attempts I saw that someone else was trying to access my account, I changed my password, activated TFA. Thinking of going through and buying a physical key like yubico to further secure my account. Any tips are appreciated.
Brute force attacks are usually done offline, where the attacker somehow gets a copy of a database of hashed passwords and they can take as many attempts as they want locally before they get a hit and can try it online.