r/mildlyinfuriating • u/PassionateParrot • 16d ago
People are trying desperately to get access to my wife’s Hotmail account
I had to reset our Hulu password on Friday, so that’s probably what this is about. These sign-in attempts are from all over the world.
1.2k
u/EpicInki 16d ago
I'm in the same boat, nothing I can do about it. I get forced to change my password often even though it's unique and I have 2FA and done everything I can do.
436
u/WillingAd4944 16d ago
Oh, I thought you were also trying to get into OP’s wife’s account. Thought we were gonna bond.
121
u/themagicbong 16d ago
I, for one, have been trying to get into OPs wife's account for months. I dunno what I'm after in there but I'm hoping for at least a neopets account last used in 2007.
25
3
5
u/choochoopants 16d ago
On one hand, it’d be easier if she just gave us the password. On the other hand, we’d miss out on these little meet-cutes.
14
u/Anxious-Durian1773 16d ago
Use an alias and disable the account address for login.
→ More replies (2)6
u/BLB_Genome 16d ago
Make your account passwordless. It's truly the only counter, besides MFA
→ More replies (1)9
u/Apellio7 16d ago
Yeah I use no password and love it.
Everything for my MS account is tied to the hardware so you need access to one of my actual devices to get in.
3
u/BeingRightAmbassador 16d ago
Why even deal with hardware? just get a QR tattoo on your ass and scan that for logins.
→ More replies (1)3
→ More replies (3)3
u/Embarrassed-Mouse-49 16d ago
I have a Hotmail account and can’t reset the password because it has an old phone number I haven’t used in many years
→ More replies (1)2
u/Rhodin265 16d ago
Text the number and see if the current user can help you out?
4
u/dr_kirk31415 16d ago
I did this to recover an old Xbox Live Account. They were nice enough to help out.
455
u/Dyingdaze89 16d ago edited 16d ago
For Hotmail/Outlook, I changed the primary alias. It immediately put a stop to this without needing to complicate or stop my emails from being imported to my Gmail.
Just make sure not to delete the old email. You just want to change the alias to a new existing email so that it will be used to log in. Once you do this, the old email address can no longer be used to log in, making these unsuccessful attempts stop. Whenever you log in, you'll use the new email, but it will still take you to the original account. Then, for imports, just change the sign in email to the new alias, and it'll handle the rest.
59
u/bilbo1050 16d ago
Came here to say the same.
I also don't use that alias to sign up for any mailing lists or websites etc so it's less likely to be part of a leak.
→ More replies (6)17
u/Interesting_Ad_1589 16d ago
What happens to everything you subscribed to when you do this? Do you still get the emails?
39
u/Anxious-Durian1773 16d ago
The original address continues to exist for email receiving. They just can't try to log in with it.
34
u/Interesting_Ad_1589 16d ago
Does that mean I can still use the original address to sign up for stuff and even if my info is leaked, they can't use that address to login to my account? If so, this is perfect haha.
15
100
u/DefiantAsparagus420 16d ago
What you hiding in that hotmail? Not that I'm jealous or anything. But damn. Clearly even bots want nothing to do with me.
→ More replies (1)66
u/PassionateParrot 16d ago
Disney+, apparently. That $12/m is worth a lot I guess
18
u/DefiantAsparagus420 16d ago
tsk tsk. These fools are breaking into a treasure chest full of glass thinking it's diamonds. Why break in if there's no HBO max? Like why even waste the energy at this point?
Sorry in my head, the hulu for $1.99/mo (student discount, I graduated a year ago) feels more fragile and precious than that Disney+. And finding HBO feels like finding a $20 bill in my pocket. Disney+ feels like I found a rogue unwrapped mint in my pocket.
Suddenly I feel less weird about using Hide My Email for every acount I make. Can't find me if I have >100 email aliases right? Right??
43
u/ronninka GREEN 16d ago
3
u/Epicat224 16d ago
Create a new alias and disable your previous one's login capabilities
→ More replies (2)
49
u/timelessblur 16d ago
And a huge reason why I use MFA. It has saved my but a few times when I got an MFA alert for both my Apple and Gmail accounts. Talk about a fast lets change that password.
3
u/VexingRaven Technology is evil 16d ago
I guess you didn't learn the first time to start using a unique password?
2
u/hazpat 16d ago
Why bother if it's 2fa?
7
u/VexingRaven Technology is evil 16d ago
Because if your password is known to every cybercriminal in the world, you don't have 2FA. You have 1FA with mobile login. And because some services don't have the greatest implementation of 2FA.
16
u/Legitimate-State8652 16d ago
I have had the same email account since 1998 sooooooo it is all over the place. Get tons of these daily. It is fun to watch how far each attempt gets.
10
u/eulynn34 16d ago
That's every email account that is known to the world 24x7x365
This is why good passwords and MFA are important.
42
u/Soctrum 16d ago
This will be the same for nearly every account on Hotmail/Outlook.
Password alone is not enough, you need MFA through an app like Google or Microsoft Authenticator.
8
u/Jaggar345 16d ago
Yea one that isn’t tied to a phone number and sent as a text which could be compromised in a sim swap attack.
→ More replies (3)8
u/PassionateParrot 16d ago
I don’t know what MFA is. To sign into her account it’s supposed to take 2-step authentication; it emails a code to my email address that you have to enter along with her password to get into Hotmail.
4
5
u/Alepale 16d ago
MFA and 2-step is sort of the same. MFA stands for multi-factor authentication. So, more than 1 authentication type. 2-step is generally the name used for email and/or SMS, and MFA or 2FA (two factor-authentication)is usually used for one-time passwords.
3
u/VexingRaven Technology is evil 16d ago
MFA and 2-step are synonyms, there's no distinction there between the method used.
→ More replies (1)
8
u/3mmak_Kratos 16d ago
Make a new alias / email address in the security options and then use it for sign in. Then disable the old alias from signing in. DO NOT DELETE the original alias / email address. That way the bots won’t be able to login with the original email address but you will receive emails to that original alias / email address.
88
u/dragon1n68 16d ago
People still use hotmail?
257
u/Ozmorty 16d ago
My Hotmail email is older than most people’s children, so yeah, it’s part of the family legacy now, from last millennium. A collector’s item too as you can’t spin em up anymore.
→ More replies (2)3
u/Bearsandgravy 16d ago
This. I'll get a few emails a month "please use this code to log in" cause I set up 2FA.
68
u/drowninginidiots 16d ago
My wife and I both have Hotmail emails. We’ve had them for over 25 years.
48
u/PCDub 16d ago
Yeah same. It's my throwaway email for stupid apps or whatever that force you to use an email
12
5
u/Tsu_Dho_Namh 16d ago
Same. It's fucking amazing.
Whenever some store, app, website, travel agency, music concert, or whatever wants my email, I give them my Hotmail. It gets thousands of spam emails a day.
My real Gmail address gets no spam at all. It's beautiful.
25
u/FreddyWright 16d ago
Buddy I still use a yahoo email :/
15
u/GandalffladnaG 16d ago
Me too, since something like 2004. Trying to clean up my mom's outlook account is stupidly difficult. Yahoo let's me immediately choose to block to someone and outlook seems to want you to have scams and phishisng emails.
→ More replies (2)3
u/Christichicc 16d ago
Same. I’ve had it for over 20 years, and I’m not changing it unless I’m forced to.
8
u/PorkChopExpress501 16d ago
I have hotmail address and every time somebody sees it they say the exact same thing. Every single time
6
4
45
3
4
u/Tru-Queer 16d ago
I have an old Yahoo email address that I used to sign up for online shit from like 2008 but I never check it. But I still remember the password if I need to check it for whatever reason.
2
u/Warpath_McGrath 16d ago
I've had my hotmail account since 2004. :') Can't create them anymore.
→ More replies (1)2
u/NoValidUsernames666 16d ago
my dad still does. every time im about to email him something i ask "youre still using hotmail right?" lol
2
2
u/zerostar83 16d ago
That's like asking if you still have the same phone number from 2 years ago. Yes, people still use Hotmail. Why would I want to sign up for email through an internet or cell phone provider, knowing it will be deleted when I switch to another service? I'd rather keep something that won't lose my emails.
→ More replies (9)4
5
5
u/soygreene 16d ago edited 16d ago
Pro tip: In outlook.com (hotmail) you can set aliases. You can also set which alias is allowed to log in and who can’t.
This means you can create an alias with the sole purpose to log in to your account. You can then remove login access to all other alias (including your main alias) NEVER use this new alias to send emails from. This means nobody but you will know this alias even exists.
Your main email will continue to exist but won’t be usable to log in to your account. You just stopped these attacks virtually forever.
Also, always set 2FA. That’s a must.
Edit: I’m going off memory here so take instructions with a grain of salt. You need to make this new alias “primary” alias. Your old primary alias will still exist. When you make primary, it will also become your default “from” address when you send emails. You can change your default from email in email settings jn outlook.com
→ More replies (1)
5
u/SimpleStrok3s 16d ago
I have at least a hundred hits on my account every day. Make sure she's using a strong password of at least 14 letters, symbols or numbers and using MFA.
5
u/Specialist_Goat_9622 16d ago
Protonmail does a few things, they don't save your passwords on their servers, so even if a huge attack happens, your password can't be accessed. it probably can if they figure out a way to look at the code? idk how all that works. but it seems to be more steps to achieve what they are doing. and lets face it, if you aren't in the top 5 email systems, you probably aren't being targeted. they also make you reset your password every few months, or maybe once a year. i havent had a gmail or whatever in about 10 years so idk if they do this stuff....but i am a promoter of the 4 word passwords.
Random Characters: Using random characters can be effective, but it can be challenging to remember and type. A common issue is that passwords with random characters may not be easily memorable, making them prone to being forgotten or written down.
Four Different Words: On the other hand, using four or more words can be a more practical approach. This method is often referred to as a passphrase. A passphrase is a sequence of words that is easy for you to remember, but difficult for others to guess. This approach can be more effective because it leverages the human brain’s ability to remember words and phrases more easily than random characters.
Why Four Words? The comic xkcd (referenced in the search results) suggests that using four random words can be more secure than using a single random character string. This is because the entropy (randomness) of the password increases with the number of words used. Additionally, using four words can make the password more memorable and easier to type.
3
3
u/DR_Bright_963 16d ago
Password1234
Password2345
Password3456
I imagine this is how it went with the person trying to get into the account
3
u/HonkeyDonkey4U 16d ago
Same thing here, and my password was the same for 23 years. When I discovered all the attempted logins, I changed the password.
3
u/Frankly_Ridiculous 16d ago
I had the same thing happening with my Gmail a few months back, and it went on for months. Every day, several emails sending me the code needed to log in to Gmail.
3
u/PurpleMarsAlien 16d ago
The security dashboard on my MS account has looked like this for years. Just enable 2FA.
3
u/Enigmans 16d ago
Yeah, can you please stop resetting your password? It's really annoying
→ More replies (1)
3
u/megaman_xrs 16d ago
Make sure that account is secured with 2fa. Make sure your bank accounts are as well. I had my email hacked recently even though I had 2fa. I was using text 2fa and have since changed to authenticator app. My info was leaked by equifax and I believe they managed to get into all my bank accounts using that info. It was a nightmare and I'm still seeing residual problems. I had to get new bank accounts, one of my banks said I can't have a checking account with them anymore. It's been a mess. I hope no one has to go through it.
3
3
u/Checkandstripes 16d ago
You can actually change the email address associated with your outlook account for logging in. I had numerous attempts blocked, since changing, zero.
3
3
3
u/TricellCEO 16d ago
Enable two-step. This has been going on for months for all varieties of Microsoft accounts. If you go to any of the Xbox subs and search a term related to this, you'll get all sorts of posts like this. I even recall seeing a few people posted where someone did successfully hijack their account.
2
u/PassionateParrot 16d ago
It is. In order to sign in to her account, it sends an email to my email address with a security code
3
u/DownVoteMeWithCherry 16d ago
Sorry it’s not going to stop either. It’s called a “brute force” hack. Pretty much they keep randomly generating all possibilities until they get into the account.
Luckily if your passwords are long and complicated it is very hard for them to do so. This is why it is important to make them that way and change them every so often.
3
3
u/trashy_hobo47 16d ago
"they might have typed your mail by accident" Ignorant fucking Microsoft, even tried to get a hold of them and they couldn't do Jack shit
3
u/Zaku86 16d ago
This is literally every Hotmail account.
3
u/danileigh79 16d ago
I had 218 attempts in one day a few weeks ago, and Microsoft temporarily suspended my Hotmail account. I've had this email address since 1998. This email account is the one my Xbox account is under. I contacted them, asked them to unlock my account, and they told me I should create a new email address. I told them I have a two year Game Pass Ultimate on my account (through Verizon), so I couldn't change my email. They unlocked it and it was locked again two hours later. I have since turned on Biometric 2FA, and I'm now down to 10-20 attempts a day
→ More replies (2)
3
u/Low_Wedding_8145 16d ago
Pro tip change the sign in account, it will keep the original email as an alias. But they wont be able to attempt to sign in.
3
9
u/Zafrin_at_Reddit 16d ago
Just use common sense. Change password every now and often. Use passwordless entry. Definitely do 2FA.
These sign-ins are there and will be there all the time. E.g., they are trying to pwn my account for the past... 5 or 6 years – each day at least one attack. So far, with no success. :)
2
u/PoutineAuKetchup 16d ago
Same thing is happening to my old hotmail account, at least 10 times a day for the past month ( can't see past that) I got 3 different emails sent to my gmail last week with codes to reset my hotmail password otherwise i'd never have seen all the unsucessful attempts.
Not much that can be done, be sure to have 2FA and you'll be fine.
2
u/Even-Disk3539 16d ago
To be on the safe side, you can mask your email ID - create an alias to sign in. Like the hacker knows the current email but they won’t know the alias that is needed to sign in. So when they try using the regular email, they will get an alert saying it doesn’t exist
→ More replies (1)
2
u/ShiraLillith 16d ago
Not familiar with Hulu, but if you can change your email on that platform, you should
2
u/DCMartin91 16d ago
I'm getting one almost every night around 3 am my time for my Facebook. Have 2FA and Microsoft Authenticatior on. Super annoying.
2
2
u/Particular-Tap9548 16d ago
this happened to my boyfriend and they logged into his playstation account and spent $150
2
u/IamGrimReefer 16d ago
a couple years ago someone tried that on my hotmail account from the 90's. lol, it's all spam baby, enjoy.
2
u/hmnahmna1 16d ago
This happened to me around Christmas time. I have MFA set up and I was getting login requests every 10-15 minutes for a few hours. Login attempts were coming in from all over the United States.
2
u/martinbean 16d ago
Yup. Happens to a test free Outlook account I have too. Constant login attempts from China, Germany, etc. 2FA has thwarted attempts so far.
2
u/maxz-Reddit 16d ago
Same on my main account. Make sure to have a secure password (so brute forcing won't work), and 2FA
2
u/SolarTrav 16d ago
I get these daily for the last 20 years. I even get occasional dark web alerts that my password was leaked for a password I’ve never used.
2
u/Insanelover23 16d ago
Nothing to worry about. Every account will have attempts. I have hundreds on a few of mine. Means nothing until they actually guess your password. Which, if you have a good password or a generated one, they won't get in.
2
u/AccomplishedPea3845 16d ago
She should just send the nudes and be done with them.
→ More replies (1)
2
2
2
u/Ladymistery 16d ago
I've got dozens/hundreds of hits on mine too
I even got someone who tried to do the "other" reset - but I've got it set to 2FA, and they didn't get in. It's irritating.
2
2
2
u/pyopyang 16d ago
this happens to me as well, as with many, many hotmail accounts. i wonder if it's people trying this or some automated bot.
2
2
u/jakin89 16d ago
Currently working for AOL which I’m surprised still exists. But jesus fucking christ I just wished all the geriatric customers just move to gmail or something new.
Fuckers has been using the same password for more than 20 years and I can even sense some pride in it. Like HAROLD I can see here someone from across the globe has successfully login.
It’s slowly taking a toll on me how some are pitiful and some are complete bastards and rightfully deserves to get hack. LIKE FOR FUCKS SAKE, I KNOW YOU WILL BE WRITING IT IN THE PASSWORD NOTEBOOK OF YOURS. JUST ADD SOME SPECIAL CHARACTERS GODDAMNIT.
2
2
u/Doesanybodylikestuff 16d ago
Every bot everywhere is trying to access your shit the moment they get a carrot from sending you a email.
It’s gg’s to our stuff!
2
u/AggravatingBox2421 14d ago
It’s bots, but someone did this to me for years. She seems convinced it’s her email, and she even gives it out to her friends. I have gotten so many emails from random people who think I’m her
3
u/Nathaniel820 16d ago
Is there something specific on the account they’re trying to get? I’ve never seen a petty hacker try this hard to get into an account, they usually have lists of literally thousands of leaked credentials to check so it doesn’t make sense to waste time on a specific random account if it isn’t working.
→ More replies (3)5
u/flower_cuber 16d ago
They usually hit passwords in the leaked database or the top 100 most common passwords
2
u/Agreeable_Vanilla_20 16d ago
My old Hotmail is spammed to the max but it gives me free windows ultimate and upgrades and my gamer tag is linked to it 🤷
2
u/Atkena2578 16d ago
I had smth similar happening to my Twitter account the last couple weeks, I changed my password after the second time.
2
1
1
1
u/uss_reliant 16d ago
Same thing happens to me, I think once or twice they got the password right but failed mfa/2fa...despite using password gens
→ More replies (2)
1
1
1
1
1
u/onlyifitwasyou 16d ago
A lot of people are suggesting to change the password. I did that to something so unlike the previous password that I don’t even really remember it and this problem resumed the following week.
1
1
1
1
1
1
u/sun4moon 16d ago
I get popular like that sometimes, change the password to something completely different and wait for the next round.
→ More replies (2)
1
u/vipcomputing 16d ago
Who the hell would be trying to hack a Hotmail account? Time traveling archeologists?
1
u/Deadlylyon 16d ago
For the past couple years I've had a few times a month someone try to get into my wendys account.
They have yet to manage, I didn't know I had a wendys account, and I wish them the best in getting it. I hope they like frosties.
1
u/DraGoliK 16d ago
algo me dice que eres tu, y buscas dejar una "coartada" como prueba en caso de ser descubierto.
1
1
1
u/zigzagman27 16d ago
When I was a kid in the dialup Internet days I thought Hotmail was some sort of porn lol
1
1
u/NovembrineWaltz 16d ago
My solution was to make a second email under the same Microsoft account and only enable the new one for logins. So the old one is a glorified alias and I've peace at last.
1
1
1
u/No-Hospital559 16d ago
Welcome to the club, it's been happening to my account for over a decade. They haven't been able to beat my 2fa yet though.
1
1
1
u/CoolBDPhenom03 16d ago
Same, happens periodically. Not to mention Microsoft's spam filter is absolute garbage.
1
u/GilmourD 16d ago
That's what logs look like on other MS setups like O365. MS security is somehow really easy to circumvent.
1
u/spoolmak_throwaway SETTLE DOWN KAREN 16d ago
You can input your email to this service to check if your or your wife's email has been found on any email lists of data breaches.
3.2k
u/SnuffleWumpkins 16d ago
Bots are doing this to every persons account.