How to Recover Your Outlook / Hotmail Account After Being Hacked
If you've been locked out of your Outlook or Hotmail account โ or suspect someone else has gained access โ don't panic. Microsoft has a comprehensive account recovery process, and in most cases you can regain control, especially if you act quickly. This guide walks you through every step.
โฑ Time is critical. The sooner you start the recovery process, the better your chances. Microsoft is more likely to verify your identity if you act before the attacker changes your recovery options. Don't wait โ begin now.
Step 1: Go to Microsoft's Account Recovery Page
Open a browser and navigate to account.live.com/password/reset. Enter the email address associated with your Outlook or Hotmail account and click Next.
Microsoft will begin the identity verification process. The options available depend on what recovery information you had set up before the account was compromised.
For the best chance of success, use a device and network (Wi-Fi or mobile data) that you have previously used to sign in to your Microsoft account. This helps Microsoft recognise you as the legitimate owner.
Step 2: Verify Your Identity
Microsoft may offer one or more of the following verification methods:
Recovery Phone Number
If you had a phone number linked to your account, Microsoft can send a verification code via SMS or phone call. Enter the code to prove your identity. This is typically the fastest way back in.
Alternate Email Address
Microsoft may send a security code to your alternate (recovery) email address. Check that inbox โ including spam and junk folders โ and enter the code when prompted.
Microsoft / Generic Authenticator App
If you had the Microsoft Authenticator app set up, you can approve the sign-in request directly from your phone. Alternatively, if you have a generic authenticator app such as proton authenticator or google authenticator, you may be able to enter the current code on your app to restore access. This is one of the most secure and reliable recovery methods.
Recovery Code
If you have previously generated a Microsoft account recovery code & noted it down, you may be lucky enough to have success by entering this a potential recovery method.
๐ก Tip: If the attacker has changed your recovery phone or email, don't worry โ you can still try the account recovery form (covered in Step 3). Microsoft considers multiple factors when verifying ownership.
Step 3: If Standard Recovery Doesn't Work โ Use the Account Recovery Form
If none of the automated recovery options are available (or they've been changed by the attacker), select "I don't have any of these" during the recovery process. Depending on several factors like location, IP address & previous device sign in, Microsoft may redirect you to the Account Recovery Form.
This form asks you to provide as much information as possible to prove you own the account. You'll need to supply:
๐ The more detail you provide, the better. Microsoft's review team evaluates your submission manually. Incomplete forms are more likely to be rejected. Fill in every field you can remember โ even partial answers help.
After submitting the form, Microsoft typically responds within 24 hours to the alternate email you provided. If your first attempt is denied, you can resubmit โ try to include additional details each time.