I’ve always used two-factor authentication for my important accounts (e.g. emails) and in the past few weeks, have gotten more nervous because of my previous passwords. My email passwords are my strongest and have used two-factor authentication. For my Microsoft account, I use the authentication app. In the past few weeks, I’ve started sifting through past attempts to hack my account and have been updating my password more frequently.
However, I’m wondering how much is too much. Someone in the same state has now tried to get into my account twice. I want to be secure but I don’t want to keep changing my password every week. It’s not like it’s a weak password, but I don’t want to keep changing them if I don’t have too. Any advice? Lately, I’ve updated my security by adding in additional backup emails and phone number (not just mine). I know it’s usual for people around the country/world to hack accounts but should I be worried based on this description? Thank you.
Edit: the person who is in the same state tried to gain access by using the authentication app (“new sign-in to Microsoft” notification that I clicked “deny” on twice now within a few days. The activity is marked as “incorrect password entered”)