Help protect your email account

Whether you receive a link in an email that appears to be from your bank but isn't, fake notifications from social networking sites, or malicious advertisements, we can help you protect your account. We keep up with the latest scams so you don't have to. Though we guard against many different types of threats to your account, there are also several steps you can take to keep your account and your personal information safe.

Look for the trusted sender icon on new messages

If you receive a message that looks suspicious, or contains an attachment you're not expecting, look for the trusted sender icon. If you see this icon, the email is safe to open. If you don't see the trusted sender icon, contact the sender to verify they sent the message.

Watch out for yellow and red safety bars

If you see a yellow safety bar at the top of your message, then the message contains blocked attachments, pictures, or links to websites. Make sure you trust the sender before downloading any attachments or pictures or clicking any links. Emailing the sender to verify they intended to send you an attachment is also a good practice for any attachments you're not expecting.

A red safety bar means that the message you received contains something that might be unsafe and has been blocked by We recommend that you don't open those email messages and delete them from your inbox.

Add senders to safe and blocked senders lists

When you add an address to your safe senders list, all messages you receive from that address go right to your inbox. Adding a sender to your blocked senders list sends messages from that address to your Junk email folder. See Learn about junk email and phishing and Filters and reporting for Junk email on

Add an alternate email address and mobile phone number to your account

If you ever lose access to your account, having a secondary email address and mobile phone number can help us restore your access quickly. See How to verify your account for more details.

Only sign in from computers you trust

When you sign in to on your computer or device, uses a HTTPS (Hypertext Transfer Protocol Secure) connection. This means that your username and password are encrypted as they're sent over the internet. However, be wary of using a computer that could have password-stealing software on it. If you want to sign in to from a public computer, you can request a single-use code, which you'll use in place of your password when you sign in.

Note: Single-use codes aren't available in all regions yet.

To sign in with a single-use code, on the sign in screen, choose Sign in with a single-use code. You'll need to enter your email address and the mobile number you associated with your Microsoft account. We'll text you the code. Enter the code in the Single-use code box and then choose Sign in.

Check the address bar when you sign in

If the URL that appears in the address bar when you sign in doesn't include, you could be on a phishing site. Don't enter your password. Try to restart your browser and navigating to again. If the problem continues, check your computer for viruses.

Create a strong password and don't share it

A strong password contains letters, numbers, punctuation, symbols, and numbers. Create a unique strong password for and change it periodically. We don't recommend using the same password for other services.

Warning: Microsoft will never ask you for your password in an email message.

Use antivirus software

You can help protect your computer against viruses by using antivirus software and updating it regularly.

Share Facebook Facebook Twitter Twitter Email Email

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!