![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(9.6, 55.00000000000001%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EDJ%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Direct escalation to a manual-review team is not available for personal Microsoft accounts. Recovery is handled only through the official self-service and support flows. Based on the described situation (account taken over, primary alias and security info changed, original alias now shows “This Microsoft account does not exist”), the following supported options apply:
- Use the hacked/compromised account flow
- Start with the official compromised-account guidance: How to recover a hacked or compromised Microsoft account.
- This will route to the sign-in helper and, if needed, to the account recovery form.
- Submit the Microsoft account recovery form
- Go to the account recovery form (linked from the hacked/compromised account article) and submit a request with as much accurate information as possible.
- Use all available ownership evidence when filling the form (previous passwords, billing details, Xbox-related info where requested, etc.).
- After submission, results are sent to the working contact email provided at the start of the form within 24 hours.
- If the account cannot be verified, the result email will say so. In that case, the form can be retried up to two times per day, each time with any additional or more accurate information available.
- If the account is verified, instructions to sign back in are sent to the same working email.
- Understand support limitations
- Support agents and advocates are not allowed to send password reset links or directly access/change account details for security reasons.
- If the recovery form repeatedly fails to verify ownership, the account is treated as unrecoverable; community forums and moderators cannot override this or perform a manual backend recovery.
- If the account is in “security info change pending” state
- If at any point a “Your security info change is still pending” message appears when trying to sign in, use the options on that screen:
- “Cancel this request” if the change was initiated and the old security proofs are still accessible.
- “Let us know” if the change was not made by the account owner; this routes through the unauthorized-change flow.
- After regaining access
- Review and follow the guidance in “How to help keep your Microsoft account safe and secure” (linked from the recovery-form help article) to:
- Add strong security info (Microsoft Authenticator, additional email/phone).
- Remove any attacker-added aliases from “Manage how you sign in”.
- Check for unusual sign-ins and mailbox rules/forwarding.
If the recovery form and hacked-account flow do not result in successful verification, there is no supported escalation path that can bypass these automated ownership checks for personal Microsoft/Xbox accounts.
References:
- How to recover a hacked or compromised Microsoft account
- Help with the Microsoft account recovery form
- What happens if there's an unusual sign-in to your account
- My account got hacked. - Microsoft Q&A
- How do I send an email to Microsoft about my account being hacked and taken over by <removed> ? - Microsoft Q&A
- Need help with hacked microsoft account - Microsoft Q&A