The My Sign-Ins page empowers users to see:
- If anyone is trying to guess their password.
- If an attacker successfully signed in to their account from a strange location.
- What apps the attacker accessed.
The newest addition to this page allows end users to report “This wasn’t me” or “This was me” on unusual activities.
Microsoft now highlights suspicious activities that they’ve detected with Identity Protection at the top. For example, if a risky sign-in was automatically detected, it would get bubbled up to the top under a new section for “Unusual activity”:
Microsoft also added “This wasn’t me” and “This was me” buttons for unusual activities. If a user chooses “This wasn’t me”, then they would see this dialogue:
They would then be taken to the Security info page to review and update their authentication methods.
If a user chooses “This was me”, then they will see this dialogue:
The end-user feedback will help improve the accuracy of Microsoft’s risk detection systems. System Admins can monitor what their users are choosing by checking the audit logs, and use that information to help you decide whether to confirm or dismiss the risk.
If a user doesn’t have any suspicious sign-ins, then they’ll just see the “Recent activity” section. Users can also review their normal sign-ins and report if anything looks strange by clicking “Look unfamiliar? Secure your account”.
Users can also see if anyone else is trying to guess their password. In that case, they’d see an “Unsuccessful sign-in” like this:
Searching and Filtering
Microsoft also heard feedback about the need for better filtering and now you can use the Search bar at the top to look at only the “Unsuccessful” sign-ins.
You can also use the Search bar to filter for other details like the app, browser, location, operating system, etc.
Finally, Microsoft made My Sign-Ins more mobile-friendly too,
A similar feature is available for personal email too, with a Recent Activity page for consumers with Microsoft Accounts at: https://account.live.com/activity.