Microsoft 2FA triggered without password?
Currently, I have someone attempting to login to my microsoft account. Upon looking at my activity history I am now seeing almost a hundred failed sign in attempts with the reason being "incorrect password entered". However, recently I have been getting Microsoft Authenticator popups on my phone to sign in to my account (not created by me). Looking at this further I can see that it isnt required for a person to have the password in order to trigger a 2FA request. You just need to click "Other ways to sign in". All this person has is my email but they are able to trigger popups on my end. How is this the case? Every other platform I know requires the username and password to be entered before 2FA is triggered. Is there anything I can do to stop this person sending notifications to my phone.
