As a security measure, Microsoft keeps track of all login attempts made to your Hotmail or Outlook.com email accounts: this login history is available under your Microsoft Account, listed as "Recent Activity": it's not limited to successful sign-in operations, and will tell you when information was modified in your account, when a security challenge was performed, and will always log the IP address, device and platform used, as well as approximate location. This tutorial explains accessing that data, with caveats on reliability. You'll quickly be able to tell if someone else is accessing your emails or other parts of your Microsoft account.
Quick Steps to view your Outlook.com login history:
First, sign into your account as you normally do: your account settings will let you view only one particular account and any alias attached to it - make sure that you sign in to the correct account. Once logged in, click on your username in the top right corner of the page, and select "Account settings" from the dropdown menu.
A new page / browser tab will open, so make sure that your popup blocker lets it through (in any version of Internet Explorer, you can hold the Ctrl and the Alt key while clicking a link to temporarily disable your popup blocker!)
Note: because you are about to view sensitive information (including billing information, if you've signed up for Ad-free Outlook.com), you'll be asked to re-enter your account password, even if you just logged in. This is a security measure designed to prevent someone from viewing your account details if you left your PC unattended: they can't view anything without entering your password!
The "Microsoft Account" screen will load: this is where all your information is centralized, not just for your email address, but for any other Microsoft services tied to this particular login - like Office 2013 or Office 365 subscriptions, Hotmail Plus, and even Microsoft online store purchase history, on-file credit cards, etc. (That's why this section always asks you to re-enter your password :)
Click on the "Recent Activity" link on the left.
Unless you've added the web browser you are using right now as a "frequent device", you'll need to verify a security code sent to your cell phone number or alternate email address, before you can access your Hotmail sign-in log. If you get this request, pick your preferred verification method, type the missing info, and click Next.
Enter the security code you've received email or in an SMS text message in the text box. If this is a computer you regularly use to access your Hotmail account, checking the "I sign in frequently on this device. Don't ask me for a code" checkbox will, from this point on, only require you to enter your password once when you view the Microsoft Account page, and that's it. Do not check this checkbox if you are using a shared or public computer. Click Next to proceed (if asked, you can click "Set it up later" on the next screen).
The following page will show you your detailed login history (whenever a web browser, email program, or mobile device has accessed your account), as well as recent account activity (a password change -which you should do regularly!- updating parts of your profile, etc.) You'll see a series of "
Successful sign-in (x events)" links, grouped by date. Click on any of them to reveal their transactions:
Best of all, you cannot erase anything from your sign-in history: even if someone has all the information needed to access that recent activity log, they won't be able to remove anything from it! Make it a habit to regularly check that history, especially if you login to Hotmail from shared computers (school, work, public library, etc.) or regularly used unsecured networks (like free Wi-Fi connections at coffee shops and other public places). That means that your Hotmail sign-in log is truly full-proof!
Tip: you will probably see "Security Challenge" event: this is how Microsoft denotes any kind of operation where you were required to "prove" your identity. Entering a security code received by email or text message constitutes a security challenge, which be logged in Recent Activity!
You will mainly see two types of successful sign-in's for your account: if click to expand any of them, you'll see the IP address, the device or platform, the web browser or app used to access your account, and the account alias used to login (your main email address or a related alias). If it gives a web browser name under "
Browser/app", like Internet Explorer, Firefox, Google Chrome, Safari (etc.), someone (hopefully you!) signed into your Outlook.com account from a desktop or laptop computer:
Note: if the "Successful sign-in" entry says "This is your current session" in the bottom right corner, it means that this particular sign-in is the browser you are currently using to view your login history. Otherwise, you'll see a "Was this you? If not, let us know" question, and a button that reads "This wasn't me": click it if you know that you did not access your Hotmail account from the given location, at the stated time. Doing so helps Microsoft find hackers (or just plain unauthorized users, like an angry ex!), to refine their fraud detection system:
The second type of logged transaction will show "Exchange ActiveSync" under "
Browser/app": this, actually, isn't too helpful, because it only describes how the person logged in, not using which app (which could help you know if this was a legitimate sign-in or not). In the screenshot below, this successful login was an email app for iPhone / iPad, but you'd only know because we told you: all Microsoft provides in this case is "Exchange ActiveSync" (which is their proprietary email communication protocol, used by any device or app, along with
IMAP). Notice that even the platform is incorrect - it says "Windows" instead of "iOS" (the name of the mobile operating system that powers Apple's devices). The location and map shown derive their information from the IP address used at the time: if you were using a (mobile) cellular connection, or logged in through a proxy (using a random IP address), keep in mind that the location displayed may not always exactly match your actual location!
Caveat: the bottom line is that the data you are seeing in your login history is of limited reliability, because of roaming changes (different IP addresses), the vagueness of the information supplied under Browser/app, etc. Stay vigilant: but, before you start to panic after seeing unrecognized login attempts, dig deep to try to remember if this particular sign-in session wasn't a legitimate one!
There are two things you can do, very easily, to protect your account against hackers and other unauthorized access. First, setup single-use sign-in codes: whenever someone tries to log into your account, you'll receive a six-digit security code as SMS text message sent to your cell phone. If the person can't provide that code, they won't be able to sign in! Second, you can enable two-factor authentication for your Hotmail account: that gives you full control over who accesses your account, because any new or untrusted device / web browser, cannot login unless they provide a code generated uniquely for your account, by a special mobile app. And that code changes every 30 seconds! With those two, or at least one of them, enabled, you've just gotten one step closer to making your account hacker-proof!