Is receiving login codes you didn’t ask for a security concern?
In the last few days, i received emails from Microsoft with login codes. AFAIK Microsoft login works without password but with sending those codes to an alternate email.
In this email, Microsoft states, that if I didn't try to log in I should just ignore this email.
But should I really, if it happens every few hours, like 4 times per day?
There is the possibility that whoever attempts to log in will just guess the 6-digit code - it's very low, but there is the possibility.
I don't know what I should do, as my intuition tells me that this is a concern, yet the mail says I shouldn't worry.
Also it's not sure what I could do, as I can't change the account name (mail address) and as the password is not used to log in, changing it, doesn't stop the "attacker". I changed it just in case it could have been leaked alongside the mail. (although the mail might not have been really leaked, to attract some attacker as it is a very short address)
This is the mail I am receiving multiple times a day:
Hello,
We have received your request for a one-time code for your Microsoft account.
Your one-time code is: ******
If you did not request this code, you can ignore this email as your email address may have been entered accidentally by someone else.
Sincerely, Your Microsoft Account Team Privacy Statement: https://go.microsoft.com/fwlink/?LinkId=521839 | Imprint: https://aka.ms/impressum_de Microsoft Corporation, One Microsoft Way, Redmond, WA 98052