I highly recommend enabling the two factor authentication feature. I got my account targeted by some botnet and was breached several times regardless of how ridiculous my password was. Of course, this all stopped the moment I started using two factor auth.
I've got some Chinese IP trying to log in to my account every 4 or 5 days at the moment it seems. Prior to that, it was a Japanese IP every few days for a couple of weeks.
Well that was amazingly useful. Someone had guessed my PW and was logging in regularly from a Windows CE device in Denver.
Very odd and confusing. Scary since my Skydrive has all sorts of personal stuff in it.
2 factor is awesome, but I always fear losing access to my account. Basically it means that if I don't have my smartphone on me, I have no way to check my email except on pre-authorized computers.
This is of course the point but it also means if I am traveling and I lose my smartphone, I have no way of contacting anyone that I know. I would be completely lost in the world and unable to reach out to anyone for help.
Of course there is the recovery code, which I have a copy of in my wallet, but that does me no good in a "traveling through city, get mugged" scenario.
It is scary how reliant we are upon technology. :(
Check the IP, if you are windows phone and your phone is syncing with exchange via the cellular data network your IP may be showing somewhere completely different than where your are. Check the owner of the IP and you'll probably see that it's your cellphone carrier.
I see the same logs, but in Washington and the IP is T-mobile's (my provider)
Some of the activity logs show "activesync", which I assume is my WP. Other log entries show logging in from Windows CE devices, which is very strange.
But yes, "datacenter" was the first thing that popped into my head.
Then of course there were the constant failed security question checks coming in at a rapid pace. I pretty much assume those are dangerous. I changed my PW to something insanely long with lots of nice junk in it and added two factor on top of that.
Interesting. I'm in Colorado and last night I got regular (once every half hour) logins from "Exchange ActiveSync" in San Francisco.
Is it possible one of my (many) Live apps is doing this through an endpoint there?
[edit] I don't think justsomedood's post (https://news.ycombinator.com/item?id=6928806) applies to me , all my devices were on my local network last night. It's a good thing to check though!
I've just enabled 2-factor auth, so hopefully I've removed the issue.
I have Skype on my phone and the log is filled with that app logging in all the time (looks like every 10 minutes!), which makes this kinda useless. It would be nice if the UI had a way to trim that list down somehow. e.g., group by country, filter by successful logins.
So if I have a random characters + numbers password that's reasonably long, do I actually have anything to worry about? Microsoft and Google don't allow brute forcing through their web login interfaces, do they? I keep things like IMAP and POP disabled.
