News, tips, advice, support for Windows, Office, PCs & more
Home icon Home icon Home icon Email icon RSS icon

We're community supported and proud of it!

  • New PC? Lost your Microsoft account password?

    Home Forums AskWoody blog New PC? Lost your Microsoft account password?

    Viewing 10 reply threads
    • Author
      Posts
      • #2360536
        Ben Myers
        AskWoody Plus

        ISSUE 18.15 • 2021-04-26 MICROSOFT By Ben Myers If your dog ate your Microsoft account credentials, Microsoft will welcome you to the tenth circle of
        [See the full post at: New PC? Lost your Microsoft account password?]

        1 user thanked author for this post.
      • #2360588
        doriel
        AskWoody Lounger

        On Windows 8.1 the process was much easier. Email was sent to my secondary email address and I changed password from there.

        Bottom line is:

        You are asked to enter at least three exact email addresses of correspondents to whom you have sent email, plus the exact subjects of at least three emails you have sent. The subjects and the email addresses do not have to be from the same emails.

        How is this legal to ask? Also obviously when it takes 24 hours, I think some person is involved in unlocking your account.
        With local account, you simply give answers to your security questions. Could this be more appropriate for online account too?

        Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, W10 20H2 Enterprise

        HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

        • #2360630
          Biiljoy
          AskWoody Lounger

          I am not a lawyer but I assume you sign away your rights to everything within terms of service that is how most tech companies skirt the law.

          I have never forgot my microsoft password so never needed this but it wouldn’t work for me either I can’t remember the subject or recipients of one email let alone three.

          Not everyone uses microsoft for email.  I guess that is not their (MS) concern.

          1 user thanked author for this post.
          • #2360650
            doriel
            AskWoody Lounger

            Yes, I suppose you agree with the email sharing somewhere during the “I agree” part.
            If you create MS account email with the same password is created.

            And if you finally manage to opt-out all sharing and targetting for advertisement. BEHOLD! We just inventet thing called “legitimate interest”, which disrespects all your settings and STILL personalises your data (stores your data somewhere). It should respect my settings – if I have EVERYTHING ELSE disabled, this one should be disabled too.

            interest

            Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, W10 20H2 Enterprise

            HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

            Attachments:
            • #2360679
              b
              AskWoody MVP

              What “email sharing”?

              Could you clarify “this one should be disabled too” in English, as I don’t understand “(stores your data somewhere)”?

              Windows 10 Pro version 21H1 build 19043.985 + Microsoft 365 (group ASAP)

              • #2360692
                doriel
                AskWoody Lounger

                Translated it means “legitimate interest”, as I already described in this topic before.

                When I created that account on the screenshot, the “legitimate interest” switch was not there. It was created later with default state ON.

                It is obvious, that if I have all other options disabled, I want that option to be disabled too.
                By email sharing I mean, that someone (if my recovery password requirement is evaluated by humans) can see my email recepients and email subjects at least.

                Dell Latitude E6530, Intel Core i5 @ 2.6 GHz, 4GB RAM, W10 20H2 Enterprise

                HAL3000, AMD Athlon 200GE @ 3,4 GHz, 8GB RAM, Fedora 29

              • #2360716
                b
                AskWoody MVP

                Thanks. We don’t have that setting in Outlook.com in the US, so I suppose it’s only for the EU (and UK) GDPR.

                But since “legitimate interest” means “absolutely necessary” in GDPR, if you don’t like it then you can only stop using the free service:

                “Legitimate interest,” where the organisation needs to process data in order to provide the data subject with a service they signed up for

                Right to object [exceptions]

                Good luck finding an email service that doesn’t process your data! 😉

                Windows 10 Pro version 21H1 build 19043.985 + Microsoft 365 (group ASAP)

      • #2360607
        Chris B
        AskWoody Plus

        As I understand it, this process could never work for me or my wife. Neither of us use a Microsoft email server – I have my own domain and we use the IMAP server on the host of that domain. My wife does  not use a Microsoft email client and I use Outlook 2010, with the data only on my PC and the email host. Hence Microsoft does not have any of my/our emails to check against, or if it does it is in breach of GDPR. So it has nothing to check against, even if I were minded to give it any email data. Hence I would never be able to get authorisation for a new password.

        Am I missing something, or has some supranational court ruled that everyone has to route their email through Microsoft?

        (I hasten to add, we both use password managers which contain our Microsoft credentials, thank goodness.)

        Chris
        Win 10 Pro x64 Group A

        • #2360616
          IFly
          AskWoody Plus

          I am like Chris.  I do not have a MS email account.  Or at least am not aware that I do?  I do have an old Outlook email address and account.  Is this a MS email account which can be used, should I need to reset my password.  Thanks for your article on this.

          Dick – New Win 10 user and missing my old Win 7 OS!

           

        • #2360769
          b
          AskWoody MVP

          Hence Microsoft does not have any of my/our emails to check against, or if it does it is in breach of GDPR. So it has nothing to check against, even if I were minded to give it any email data. Hence I would never be able to get authorisation for a new password.

          Am I missing something, or has some supranational court ruled that everyone has to route their email through Microsoft?

          Checking contacts and subject lines only applies to Microsoft email accounts:

          Outlook.com or hotmail.com accounts

          We’ll ask you questions about your contacts and email subject lines.
          Check with friends and family that you may have corresponded with from that account for help.
          Email subject lines need to be exact.

          Help with the Microsoft account recovery form

          Windows 10 Pro version 21H1 build 19043.985 + Microsoft 365 (group ASAP)

          1 user thanked author for this post.
      • #2360574
        anonymous
        Guest

        So what do you do if you get a message back saying you have not met the Microsoft security tests. And you just go around in circles

      • #2360617
        anonymous
        Guest

        I have had zero success using the method described.  You nailed it when you called it the circle of hell, except for one thing: you should have called it “the endless circle of hell”.
        Why?
        Because that is what I’ve experienced.  I needed a new email account, so I went looking for good reviews.  Based on reviews I read, I went to set a new outlook email account.  I did so, and saved a very complex password to keychain on my iPad.  Keychain is very secure, and is not available to anyone else, not even Apple.  I finished setting up my new outlook email account, and then they encouraged me to setup 2 factor authentication for the account, which I did.  When I then went to login to my never used, brand new email account, MS told me my password was incorrect!  I don’t know what went wrong with MS’s system, but I knew for a certainty that it was correct, as not only had keychain saved it, but so had I separately done done so, and both were identical.
        From there, MS repeatedly took me to their “endless circle of hell”.  MS’s customer support is virtually non-existent to begin with, but this “endless circle of hell” takes them to new lows of what they call concern for their “customer’s security”.  NOT!  Round and round and round we go, asking for exact email addresses, subject lines, etc., etc., etc., for an email account that I never even got to use, because of their incompetence and total inability to recognize anything but their crippled system.
        Just one more reason why I’ll never again own a windows machine!

      • #2360640
        CraigS26
        AskWoody Plus

        Typed a post, left, returned and Clk’d Submit … and it Disappeared …. SO …

        Logged-in to MS Acct …… would it have been in Advanced Security Options that I created a 25-Character Recovery Code for your scenario. THAT it’s Not mentioned as a TO-DO option makes me wonder IF I wrongly presumed its use.

        My HOTMAIL  address is used in MS Acct Login BUT I recall the Recovery Code Setup wanted a 2nd / different Email address – so I entered my rarely-used Hotmail acct #2. Maybe because of that… on the Settings / Update & Security Page it wrongly shows my 2nd Hotmail address with the Admin Acct Name WHILE STILL correctly showing the Main Hotmail on the logged-in MS Acct page. No way to ever understand all the permutations!

        W10 Pro 20H2 / Hm-Stdnt Ofce '16 C2R / HP Envy Desktop-Ethernet/ 12 GB / 256G SSD + 1 TB HDD / i5-8400 CoffeeLake-S / GP=2 + FtrU=Semi-Annual + Feature Defer = 1 + QU=0

        1 user thanked author for this post.
      • #2360649
        bbearren
        AskWoody MVP

        I have a password-protected Excel spreadsheet (with multiple duplicates/backups) for all my various accounts, so I don’t have to go through a password reset for anything.  My OneDrive uses a Microsoft account, but it is not an Outlook email address.

        There is no Microsoft user account on any of my machines, only local accounts, so I don’t need Microsoft’s help for any passwords for any thing.

        Create a fresh drive image before making system changes/Windows updates, in case you need to start over!
        "When you're troubleshooting, start with the simple and proceed to the complex."—M.O. Johns
        "Experience is what you get when you're looking for something else."—Sir Thomas Robert Deware

        3 users thanked author for this post.
      • #2360678
        rc primak
        AskWoody_MVP

        First thing I do when setting up any service is to write down or otherwise archive my account login info, including passwords, secret question answers, alt. email addresses, device or app specific authorization codes, 2FA choices, and account recovery codes. Archived master lists should be password protected. But you also need that password to be stored safely!

        For MS Accounts, you set up an Account Recovery Code. This will almost always get you into your account. This too should be stored in a way that you can access it even if the device is unavailable and at least one of your backup locations fails.

        And I don’t make my device logins dependent on my MS Account login. This means that I don’t install or upgrade Windows using the MS Account as my Admin Login ID. That is a road which leads to madness!

        -- rc primak

        • #2360680
          b
          AskWoody MVP

          And I don’t make my device logins dependent on my MS Account login. This means that I don’t install or upgrade Windows using the MS Account as my Admin Login ID. That is a road which leads to madness!

          How does that lead to madness?

          It means you can always reset a forgotten password, apart from other advantages.

          Windows 10 Pro version 21H1 build 19043.985 + Microsoft 365 (group ASAP)

          • #2360690
            rc primak
            AskWoody_MVP

            We all have our preferences. I prefer not to have to connect to the Internet just to use my primary Admin Account for device local maintenance. I don’t live in the cloud all day.

            Also, if you make your device login dependent on your MS Account login, it makes your life much more difficult if you lose your MS Account password. (Though if you use that login all the time,I guess forgetting the password is very unlikely.)

            -- rc primak

            • #2360700
              b
              AskWoody MVP

              We all have our preferences. I prefer not to have to connect to the Internet just to use my primary Admin Account for device local maintenance. I don’t live in the cloud all day.

              You don’t need an internet connection to login to Windows with a Microsoft account.

              Also, if you make your device login dependent on your MS Account login, it makes your life much more difficult if you lose your MS Account password. (Though if you use that login all the time,I guess forgetting the password is very unlikely.)

              It’s easier for many people to deal with a forgotten password for an MS login than for a local account, especially if it’s the only active administrator.

              Windows 10 Pro version 21H1 build 19043.985 + Microsoft 365 (group ASAP)

      • #2360702
        anonymous
        Guest

        Kudos to you, Professor Myers!! 2 gems in that article: 1) using another Microsoft mail account and 2) squeezing off emails in this account to complete the verify process, are absolutely priceless…and seem so obvious AFTER one sees the ideas in print.

        1 user thanked author for this post.
      • #2360806
        anonymous
        Guest

        I was not aware I had a Microsoft account.

        Nor what big loss would ensue if I lack a Microsoft account.

        Inasmuch as I don’t trust Microsoft, I have tried hard to avoid getting a Microsoft account, although I have had to do some serious sashaying to escape it.

        I have no trouble surfing the web, using Yahoomail or the Microsoft apps I use.

        I had to do some serious evasive action to avoid getting “upgraded” from Windows 7 (good) to Windows 10 (grabby and pushy). When my W7 computer crashed, the only machine I could buy is W10. Even 8.1, which I had on a backup, was better than W10. One day soon I plan to “downgrade” it to W7. They don’t know enough to leave a good thing alone.

        Perhaps one day I may seek out refuge with Ubuntu.

      • #2361004
        anonymous
        Guest

        I have four ‘Microsoft Accounts’ (not including my Windows local pc login.) For want of a better way of distinguishing them I have called them “Microsoft – Office 365 web login’, ‘Microsoft – Office email account to link to Skype’, ‘Microsoft / Xbox account’, and ‘Microsoft Tech forum’. The first two use an ***onmicrosoft.com user name, and the other two my regular eddress. I make no claim that these are good names, in fact whenever I try to login to MS I have to try two or three of these in turn to get in. Can any one illuminate why I need four, which is what, and which is Ben talking about?

    Viewing 10 reply threads

    Please follow the -Lounge Rules- no personal attacks, no swearing, no politics or religion.

    Reply To: New PC? Lost your Microsoft account password?

    You can use BBCodes to format your content.
    Your account can't use Advanced BBCodes, they will be stripped before saving.