Forum Discussion
I received 2FA request but I can't identify the source
Since a couple of weeks, I've started received unwanted prompt on my phone to "confirm my identity": asking me to approve (second factor).
Obviously, this isn't me and I reject those. At first, I was thinking it was just some phishing/stuffing attack, but I tried to find out how I could see those attempts and it is impossible to see "failed attempt" on the Windows Account web page or on the 2FA application.
I have no clue how to investigate this, I would like to confirm what is the "source" of these attempts. Is there any way to have more extensive logs?
1 Reply
You may investigate the source of those unwanted MFA prompts by reviewing the Microsoft Entra sign‑in logs, which record every authentication attempt, including MFA challenges, IP addresses, client apps, and Conditional Access policies, learn.microsoft.com/en-us/entra/identity/authentication/howto-mfa-reporting
