This is actually what microsoft does for microsoft accounts
If you recover a microsoft account / submit a ticket to recover it and provide correct information, the active email gets an email letting them know about the request
You can deny it, or if you ignore it for 30 days the request goes through
Seems to be the best system IMO
Someone has been trying to hack into my MSFT account for years. I constantly get the notifications. I can not see where they are trying from (unlike some other services that give you info about failed login attempts) nor add more security measures. I worry one day I will accidentally hit "Approve" or they will guess the 6 digit code they have tried thousands of times.
The fun part is that you can't disable OneDrive. No matter how many times I turn it off it always keeps turning OneDrive back on to put my private data in the cloud for the attackers. Of course I can't block the methods that are obviously under attack either.
And the lack of a login history view means I have no way to know if they were successful yet. Support has never been good (for legitimate users) and is basically non-existent with AI now.
I think the best defense against this is to delete the Microsoft account and enjoy a better life. (Unless, of course, you need it for Minecraft.)
You can view the recent activity on your Microsoft account @ account(dot)live(dot)com/Activity
Would show any logins or security info updates etc
Those login attempts which trigger 2fa app does not generate a log entry if unsuccessful. Only attempts with username/password does. For some strange reason.
So there is no way to flag them as malicious and if you accidentally accept, then it’s already too late.
Pretty annoying setup.