Help protect your Outlook.com email account

Important: If you think your account has already been hacked, see My Outlook.com account has been hacked, and follow the steps to recover it.

Whether you receive a link in an email that appears to be from your bank but isn't, fake notifications from social networking sites, or malicious advertisements, we can help you protect your account. We keep up with the latest scams so you don't have to. Though we guard against many different types of threats to your account, there are also several steps you can take to keep your account and your personal information safe.

Email

Look for the trusted sender icon on new messages

A screenshot of the Trusted Sender notification.

If you receive a message that looks suspicious, or contains an attachment you're not expecting, look for the trusted sender icon and mail header. If you see this icon, the email is safe to open. If you don't see the trusted sender icon, contact the sender to verify they sent the message.

Watch out for yellow and red safety bars

A screenshot of the yellow safety bar in an Outlook message.

If you see a yellow safety bar at the top of your message, then the message contains blocked attachments, pictures, or links to websites. Make sure you trust the sender before downloading any attachments or pictures or clicking any links. Emailing the sender to verify they intended to send you an attachment is also a good practice for any attachments you're not expecting.

A screenshot of the red safety bar in an Outlook message.

A red safety bar means that the message you received contains something that might be unsafe and has been blocked by Outlook.com. We recommend that you don't open those email messages and delete them from your inbox.

Add senders to safe and blocked senders lists

When you add an address to your safe senders list, all messages you receive from that address go right to your inbox. Adding a sender to your blocked senders list sends messages from that address to your Junk email folder. See Learn about junk email and phishing and Filters and reporting for Junk email on Outlook.com.

Signing in

Only sign in from computers you trust

When you sign in to Outlook.com on your computer or device, Outlook.com uses a HTTPS (Hypertext Transfer Protocol Secure) connection. This means that your username and password are encrypted as they're sent over the internet. However, be wary of using a computer that could have password-stealing software on it. If you want to sign in to Outlook.com from a public computer, you can request a single-use code, which you'll use in place of your password when you sign in.

Note: Single-use codes aren't available in all regions yet.

To sign in with a single-use code, on the sign in screen, choose Sign in with a single-use code. You'll need to enter your email address and the mobile number you associated with your Microsoft account. We'll text you the code. Enter the code in the Single-use code box and then choose Sign in.

Check the address bar when you sign in

If the URL that appears in the address bar when you sign in doesn't include login.live.com, you could be on a phishing site. Don't enter your password. Try to restart your browser and navigating to Outlook.com again. If the problem continues, check your computer for viruses.

Your account

Create a strong password and don't share it

A strong password contains letters, numbers, punctuation, symbols, and numbers. Create a unique strong password for Outlook.com and change it periodically. We don't recommend using the same password for other services.

Don't

Do

Don't use the same password for different accounts.

Do make the new password significantly different from previous passwords.

Don't recycle passwords.

Do change your password regularly.

Don't use a single word for your password.

Do use a password phrase with no spaces between words.

Don't use easy-to-remember personal information like your name, names of family members, your address, or phone number.

Do use an easy-to-remember sentence or phrase converted into a string of initials, numbers, or symbols.

Don't use passwords like "password," "money$$$," or "12345678."

Do make your password hard to guess even if someone knows a lot about you (avoid names and birthdays of your family, or your favorite band).

Never reply to email asking for your password

Microsoft will never ask for your password in email, so never reply to any email asking for any personal information, even if it claims to be from Outlook.com or Microsoft.

Turn on the two-step verification option

Two-step verification helps protect your account by making it more difficult for a hacker to sign in, even if they have your password. Any time you sign in from a device that isn't trusted, you'll be prompted to enter a security code. Get more info at Two-step verification: FAQ.

Check your account's recent activity

If you receive an email notifying you of unusual activity on your account, you can see when and where your account has been accessed, including successful sign-ins and security challenges, on the recent activity page at https://account.live.com/activity. If you're not sure the email is from Microsoft, see How to recognize phishing email messages, links, or phone calls. It has tips to help you determine if an email is from a legitimate source.

Add an alternate email address and mobile phone number to your account

Add security info to your account to make it easier to recover your account if it's hacked. Because this information can help keep your account safe, it's a good idea to add as much as possible.

If you ever lose access to your account, having a secondary email address and mobile phone number can help us restore your access quickly. Get more information about why it's a good idea to add security information.

Your computer

Make sure your computer or phone operating system has the latest updates

Most operating systems have free software updates to enhance security and performance. Because updates help keep your PC or phone safer, we strongly recommend that you set up your PC or phone to get these updates automatically.

Use antivirus software

You can help protect your computer against viruses by using antivirus software and updating it regularly.

Share Facebook Facebook Twitter Twitter Email Email

Was this information helpful?

Great! Any other feedback?

How can we improve it?

Thank you for your feedback!

×