Published by

Brink's Avatar

Join Date: Jul 2009
Posts: 21,868

How to See Detailed Information about your Microsoft Account Recent Activity

information   Information
The “Recent activity” page shows info about the activity in your Microsoft account, within the last 30 days. This includes any time that you signed in to your account, whether you used a web browser, your phone, an email app, a third-party app, or another method.

What does the info mean?

For each activity, the Recent activity page lists several things:

  • The description of the activity
  • The date and time the activity occurred
  • The location where the activity occurred

You can click any activity to expand it and see additional details, including:

  • The IP address of the PC or device on which the activity occurred
  • What type of device and operating system was used
  • What Internet browser or type of app, if any, was used

For more details about recent activity, see:

This tutorial will help show how you can view detailed information about all recent activity in your Microsoft account within the last 30 days to give you more visibility and control of your Microsoft account.

Note   Note
The following table explains the different activity descriptions you might see listed.

Activity description What it means
Successful sign-in Someone signed in to your Microsoft account with the correct password. (This was probably you!)
Security challenge Microsoft detected an unusual sign-in attempt with the correct password. (This might have been you, but we weren’t sure—for example, this might have happened on a new device we didn’t recognize.) To help protect your account, we required an extra security challenge.
Incorrect password entered Someone tried to sign in to your Microsoft account with the wrong password. (This might have been you, if you forgot your password—or it might have been someone else trying to access your account. We didn’t allow this sign-in.)
Phone number added
Alternate email added
Authenticator app added
Recovery code added
Phone number deleted
Alternate email deleted
Authenticator app deleted
A piece of security info for your account was added or deleted. Learn more about security info
All security info marked for removal All the security info for your account (such as alternate email addresses, phone numbers, and authenticator apps) was scheduled to be removed. Learn more about replacing security info
Account name changed The name that identifies you in the Microsoft products and services you use has changed.
Password changed Your Microsoft account password was changed. If you didn’t do this, learn how to reset your password.
Password reset Your Microsoft account password was successfully reset.
Alias added
Alias deleted
Primary alias changed
An alias is an additional email address that uses the same inbox, contact list, and account settings as the primary alias (email address) for your Microsoft account. Learn more about aliases
Two-step verification turned on
Two-step verification turned off
Two-step verification uses two ways to verify your identity whenever you sign in to your Microsoft account. You can turn it on for added account security, or turn it off whenever you want. Learn more about two-step verification
App password created or deleted App passwords are used for apps or devices that don’t support two-step verification. Learn more about app passwords
Profile info changed Profile info such as your name, birth date, gender, country/region, or ZIP/postal code was changed. Update your profile info
Account created A Microsoft account was created.

Here's How:

1. Click/tap on the Microsoft link below to sign in to your Microsoft account online Recent activity page from any PC.
2. From here, you can go through each activity to see if there is any unusual account activity.

Note   Note
What should I do if I see unusual account activity?

You’ll probably recognize most of the account activities listed on your Recent activity page. Even if an activity sounds suspicious at first, you can expand it to see more details and decide whether you remember it. For example, if you accidentally made a typo in your password, you’ll see Incorrect password entered in the list. Or, if you signed in to your account from a mobile phone, you might find that your service provider routed the signal through a cell tower in another city.

But if an activity looks unfamiliar, or if you see an unusual pattern (like multiple sign-in attempts or changes that you’re sure you didn’t make), let us know. We’ll help you make your account more secure to minimize any threats.

If you click “This was me”:

When you tell Microsoft you were responsible for an activity, Microsoft will keep track of that info going forward. For example, if you sign in from a new location that happens to be the hotel you’re staying at on a business trip, Microsoft will add that location to the list of places we expect you might sign in from in the future.

If you click “This wasn’t me”:

When you tell Microsoft that you don’t recognize an activity, it’s possible that a hacker or a malicious user has gotten access to your account. To help protect your account, Microsoft will walk you through several steps, including changing your password and reviewing and updating your security info.

Click image for larger version

That's it,