How to Fix “Your Account Is Temporarily Locked to Prevent Unauthorized Use” on Microsoft Sign-In

Hamza Mohammad AnwarPublished on June 27, 2026
Hamza is a certified Technical Support Engineer.

If Microsoft shows Your account is temporarily locked to prevent unauthorized use, the sign-in system has paused access because the account needs a security check before it can continue. You may see it on Outlook, Hotmail, Xbox, OneDrive, Microsoft 365, Windows sign-in, or any page that uses your Microsoft account.

Microsoft sign-in error saying the account is temporarily locked to prevent unauthorized use.
This lock appears before Microsoft accepts the sign-in as safe, so the fix is usually identity verification or admin-side unblock rather than repeated password attempts.

This message does not prove the account was successfully hacked, and it does not always mean the password is wrong. Microsoft can lock the sign-in flow after unusual activity, repeated failed attempts, suspicious traffic, a verification problem, or activity that needs review under account-security rules.

The account type matters.

  • A personal Microsoft account such as Outlook.com, Hotmail, Xbox, or OneDrive is unlocked through Microsoft’s own security-code, password-reset, sign-in helper, and activity-review pages.
  • A work or school account can also be affected by Microsoft Entra or Microsoft 365 admin controls, so the user may need self-service password reset or an administrator-side unblock.

1. Stop the Retry Loop and Identify Which Microsoft Account Type Is Locked

The wording on the lock screen tells you which recovery path matters. A personal Microsoft account usually sends you toward account.microsoft.com, security codes, password reset, or the Sign-in Helper. A company or school account may say to contact your admin because the tenant controls the account.

  1. Close extra Microsoft sign-in tabs, Office apps, Outlook windows, Xbox sign-in prompts, or browser sessions that keep retrying in the background.
  2. Wait briefly so you are not stacking more failed attempts on top of the lock.
  3. Open one clean sign-in page from your usual browser or main device and try once.
    Microsoft sign-in page opened again after waiting briefly before another attempt.
    Use one clean sign-in attempt to confirm the message instead of repeatedly submitting the same password or code.
  4. Look at the locked address. If it ends in @outlook.com, @hotmail.com, @live.com, @msn.com, or is used for Xbox/OneDrive, treat it as a personal Microsoft account.
  5. If the address belongs to a company, school, or organization, or the page says to contact your admin, use the work-or-school path later in this article.

If the lock is on a personal account, continue with Microsoft’s unlock and password-reset flow. If it is clearly managed by work or school, skip consumer recovery loops and use the admin-controlled path below.

2. Unlock a Personal Microsoft Account with a Security Code or Password Reset

For personal Microsoft accounts, the fastest supported route is Microsoft’s online unlock flow. Microsoft may ask for a security code, a password reset, or another identity check before allowing the account back in.

The phone number used for the unlock code does not always have to be one already saved on the account. It only needs to be able to receive text messages, but the code itself is temporary, so use the newest code and enter the numbers from the message body.

  1. Go to account.microsoft.com or the Microsoft sign-in page that shows the locked-account message.
  2. If Microsoft offers Forgot password?, select it.
    Microsoft sign-in page showing the Forgot password option.
    Password reset is part of the normal unlock path when Microsoft needs to confirm the account owner again.
  3. Enter the locked account’s email address, phone number, or Skype name.
    Microsoft account recovery page asking for the email address for the locked account.
    Use the exact Microsoft account identifier that is locked, including the right Outlook, Hotmail, Live, or country-domain variant.
  4. Choose a verification method that you can access right now.
  5. If Microsoft asks for a phone number to receive an unlock code, use a number that can receive SMS and enter only the newest code.
  6. Create a new password if Microsoft requires it, then sign in again from your main device.

If the unlock works, do not stop at the first successful sign-in; move to the security-review steps below and clean up the account. If Microsoft will not send or accept the code, move to the next method and fix the verification route first.

3. Review Recent Activity and Respond to Any Risky Sign-In Alert

Once you can reach the security dashboard, check why Microsoft may have locked the account in the first place. The Recent activity page shows where and how the account was used, and Microsoft lets you mark suspicious activity as yours or not yours.

This step matters because a lockout can be a false alarm, but it can also be the first visible sign of password reuse, leaked credentials, or an attacker trying to trigger verification prompts.

  1. Open the Microsoft account Security page and go to Recent activity.
  2. Review locations, devices, browsers, apps, and failed sign-in attempts from the list.
    Microsoft account Recent activity page showing sign-in attempts and locations.
    Recent activity helps separate a real account-risk event from your own travel, VPN, new device, or repeated typo attempts.
  3. If Microsoft sent a security alert, open it carefully or go directly to the security dashboard instead of trusting links in unexpected emails.
  4. If the sign-in was yours, confirm it as your activity.
  5. If the sign-in was not yours, choose This wasn’t me or Secure your account where Microsoft offers it.
    Microsoft security alert asking whether a suspicious sign-in was legitimate.
    Clearing or rejecting the risky sign-in helps Microsoft understand whether the lock was a false alarm or a real compromise signal.

If all activity was yours, the lock was probably triggered by a new device, travel, VPN, or repeated failed attempts. If anything was not yours, change the password, check recovery info, and sign out other sessions.

4. Sign Out Everywhere and Secure the Account After It Unlocks

If the account was locked after suspicious activity, a successful unlock is only the first half of the repair. You still need to remove stale sessions and make sure an attacker cannot keep using an old browser, app token, or device session.

Microsoft’s sign-out-everywhere tool can sign the account out of browsers and apps across devices, although it can take time and does not automatically handle every Xbox console session.

  1. Open your Microsoft account security page, then go to Advanced security options.
  2. Scroll to Sign out everywhere and select it.
    Microsoft account security settings showing the Sign out everywhere option.
    Sign out everywhere is useful after a suspicious lock because it removes many existing sessions after the account is back under your control.
  3. Change the password if you have not already done so during unlock.
  4. Update recovery email, phone number, and authenticator methods so future unlock codes go somewhere you can still access.
  5. Run a malware scan on any PC where you entered the password if you suspect the password was stolen.

If the account stays unlocked after cleanup, the security event is likely resolved. If sign-in immediately locks again, check whether an old app, device, or work/school policy is still making repeated bad attempts.

5. For a Work or School Account, Use Self-Service Reset or Ask an Admin to Unblock Sign-In

Work and school accounts are controlled by the organization. Even if the error text looks similar, a normal Microsoft consumer unlock form may not be enough because Microsoft Entra, Microsoft 365, security policies, or admin-side block settings can be involved.

If self-service password reset is enabled, the user can start there. If it is not enabled, the organization’s IT admin has to review the account; a personal Microsoft recovery form will not unblock a tenant-managed account.

  1. Go to mysignins.microsoft.com/security-info and choose Can’t access your account? if the page allows it.
  2. Follow the self-service password reset prompts using the security information your organization has on file.
  3. If the page says to contact an administrator, send the exact lockout message to your IT help desk.
  4. If you are the Microsoft 365 admin, open Microsoft 365 admin center > Users > Active users.
    Microsoft 365 Admin Center opened to the Active users page.
    Managed accounts often need tenant-side review because sign-in can be controlled by Microsoft 365 or Entra settings.
  5. Select the affected user and check whether sign-in is blocked.
    Microsoft 365 user page showing that the account sign-in status is blocked.
    If sign-in is blocked in the tenant, password retries from the user’s device will not clear the lock.
  6. If appropriate, remove the block, reset the password, and require the user to change it at next sign-in.
    Microsoft 365 admin page showing the blocked sign-in setting being removed.
    Admin-side unblock and password reset are the correct path when the locked account is managed by an organization.
  7. For repeated lockouts, review risky sign-ins, conditional access, MFA prompts, stale devices, and old saved passwords in Outlook, Teams, mobile mail apps, or Windows Credential Manager.

If the admin-side unblock works, have the user sign in once from a clean browser before reconnecting every app. If the account locks again quickly, move to the next method only after checking old saved passwords, risky sign-ins, and tenant policy logs.

6. Use Microsoft Support or the Reinstatement Form When the Normal Unlock Path Is Missing

Some locked personal accounts do not show the normal Next or security-code path. Microsoft can instead show a link that starts with aka.ms/ for account reinstatement or route the user through the Sign-in Helper.

This is not the same as a normal password typo. It means Microsoft wants a review path, and duplicate forms can slow that down.

  1. If the lock screen includes an aka.ms reinstatement link, open it from the locked-account window and follow the form.
  2. Submit the form once with accurate information and wait for the email response.
  3. If you cannot reach the unlock form, use Microsoft’s Sign-in Helper from the official support page.
  4. If you are missing all recovery methods, read Microsoft’s recovery-form guidance before submitting, especially if two-step verification was enabled.
  5. Do not pay third-party “unlock” services or give them your Microsoft password, recovery codes, authenticator approval, or ID documents.

If the reinstatement or Sign-in Helper route works, update your security info before returning to normal use. If it still fails, keep the exact locked account address, recovery email, phone number, recent sign-in details, and any support case number together so you do not submit conflicting recovery attempts.

Hamza Mohammad AnwarPublished on June 27, 2026
Hamza is a certified Technical Support Engineer.
ABOUT THE AUTHOR
Photo of Hamza Mohammad Anwar

Hamza Mohammad Anwar


Hamza Mohammad Anwar is an intermediate JavaScript web developer with a focus on developing high-performance applications using MERN technologies. His skill set includes expertise in ReactJS, MongoDB, Express NodeJS, and other related technologies. Hamza is also a Google IT Certified professional, which highlights his competence in IT support. As an avid problem-solver, he recreates errors on his computer to troubleshoot and find solutions to various technical issues.