Help protect your Outlook.com email account
Applies ToOutlook.com

Important: If you think your account has already been hacked, see My Outlook.com account has been hacked, and follow the steps to recover it.

Whether you receive a link in an email that appears to be from your bank but isn't, fake notifications from social networking sites, or malicious advertisements, we can help you protect your account. We keep up with the latest scams so you don't have to. Though we guard against many different types of threats to your account, there are also several steps you can take to keep your account and your personal information safe.

Email

A screenshot of the Trusted Sender notification.

If you receive a message that looks suspicious, or contains an attachment you're not expecting, look for the trusted sender icon and mail header. If you see this icon, the email is safe to open. If you don't see the trusted sender icon, contact the sender to verify they sent the message.

A screenshot of the yellow safety bar in an Outlook message.

If you see a yellow safety bar at the top of your message, then the message contains blocked attachments, pictures, or links to websites. Make sure you trust the sender before downloading any attachments or pictures or clicking any links. Emailing the sender to verify they intended to send you an attachment is also a good practice for any attachments you're not expecting.

A screenshot of the red safety bar in an Outlook message.

A red safety bar means that the message you received contains something that might be unsafe and has been blocked by Outlook.com. We recommend that you don't open those email messages and delete them from your inbox.

When you add an address to your safe senders list, all messages you receive from that address go right to your inbox. Adding a sender to your blocked senders list sends messages from that address to your Junk email folder. See Learn about junk email and phishing and Mark email as junk or block senders in Outlook.com.

Signing in

If the URL that appears in the address bar when you sign in doesn't include login.live.com, you could be on a phishing site. Don't enter your password. Try to restart your browser and navigating to Outlook.com again. If the problem continues, check your computer for viruses.

Your account

A strong password contains letters, numbers, punctuation, symbols, and numbers. Create a unique strong password for Outlook.com and change it periodically. We don't recommend using the same password for other services.

Don't

Do

Don't use the same password for different accounts.

Do make the new password significantly different from previous passwords.

Don't recycle passwords.

Do change your password regularly.

Don't use a single word for your password.

Do use a password phrase with no spaces between words.

Don't use easy-to-remember personal information like your name, names of family members, your address, or phone number.

Do use an easy-to-remember sentence or phrase converted into a string of initials, numbers, or symbols.

Don't use passwords like "password," "money$$$," or "12345678."

Do make your password hard to guess even if someone knows a lot about you (avoid names and birthdays of your family, or your favorite band).

If you need to change your password, see Change your password in Outlook.com.

Microsoft will never ask for your password in email, so never reply to any email asking for any personal information, even if it claims to be from Outlook.com or Microsoft.

Two-step verification helps protect your account by making it more difficult for a hacker to sign in, even if they have your password. Any time you sign in from a device that isn't trusted, you'll be prompted to enter a security code. For more information, see Use two-step verification with Outlook.com

If you receive an email notifying you of unusual activity on your account, you can see when and where your account has been accessed, including successful sign-ins and security challenges, on the recent activity page at https://account.live.com/activity. If you're not sure the email is from Microsoft, see How to recognize phishing email messages, links, or phone calls. It has tips to help you determine if an email is from a legitimate source.

Add security info to your account to make it easier to recover your account if it's hacked. Because this information can help keep your account safe, it's a good idea to add as much as possible.

If you ever lose access to your account, having a secondary email address and mobile phone number can help us restore your access quickly. Get more information about why it's a good idea to add security information.

Your computer

Most operating systems have free software updates to enhance security and performance. Because updates help keep your PC or phone safer, we strongly recommend that you set up your PC or phone to get these updates automatically.

You can help protect your computer against viruses by using antivirus software and updating it regularly.

Still need help?

To get support in Outlook.com, click here or select Help on the menu bar and enter your query. If the self-help doesn't solve your problem, scroll down to Still need help? and select Yes.

To contact us in Outlook.com, you'll need to sign in. If you can't sign in, click here

For other help with your Microsoft account and subscriptions, visit Account & Billing Help.

Get Help app icon

To get help and troubleshoot other Microsoft products and services, enter your problem here

Post questions, follow discussions and share your knowledge in the Outlook.com Community.

Need more help?

Want more options?

Explore subscription benefits, browse training courses, learn how to secure your device, and more.

Communities help you ask and answer questions, give feedback, and hear from experts with rich knowledge.