This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 57.99999999999999%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EBG%3C/text%3E%3C/svg%3E)
Hallo,
ich bekomme von der Authenticator App immer wieder ein Anmeldeversuch, obwohl ich keine Anmeldung durchführe.
Ich habe den Verdacht, jemand Fremdes versucht auf meinen Account zu gelangen.
kann man das prüfen ?
It seems that someone is trying to access your account
Make sure 2FA is enabled to provide an additional layer of security to your account.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(0, 17%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EVJ%3C/text%3E%3C/svg%3E)
Hello Butler GmbH,
Thank you for posting your query on Microsoft Q&A.
As per your description, we understand that you are seeing sign-in attempts on your authenticator app.
From Azure, we can prevent a bad actor to successfully sign-in with your user account, but we cannot stop him to attempt to sign-in.
To prevent un-authorized sign-in attempts to reach second factor authentication, we suggest you identify from which IP address the bad user is attempting to sign-in. For that you can check the user sign-ins in azure portal.
Once you get the IP Address of the bad actor, you can configure a Conditional Access Policy to block those Bad IP Addresses.
In Azure portal - Security - Manage - Named Locations, please include all bad IP addresses and give it a name. (Ex : Bad IPs)
While creating CA policy, under Network please exclude the Named Location (Bad Ips) and select block in grant access as shown below.
We strongly recommend using phishing resistant MFA method for all users to prevent unauthorised access.
Reference
https://learn.microsoft.com/en-us/entra/identity/conditional-access/policy-block-by-location
And Microsoft recommends following Security Best Practices.
Reference
https://learn.microsoft.com/en-us/azure/security/fundamentals/identity-management-best-practices
I hope this information is helpful. Please feel free to reach out if you have any further questions.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Thanks,
Venkata Jagadeep
Hello Butler GmbH,
Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.
Hello Butler GmbH,
Following up to see if the above answer was helpful. If this answers your query, do click Accept Answer and Yes for was this answer helpful. And, if you have any further query do let us know.