BrowsePopularContact UsAbout Us

How to Cancel or Remove an Approved Sign-In Code for a Microsoft Email Account

If you use Outlook.com, Hotmail, Live, or another Microsoft email account, you might run into security features like sign-in codes, app passwords, or verification codes. Sometimes people say “approved sign code” when they actually mean one of these:

  • A two-step verification code sent to your phone or email
  • A sign-in approval prompt in the Microsoft Authenticator app
  • An app password created for older apps that can’t handle modern sign-in
  • A trusted device where you checked “Don’t ask me again on this device”

Canceling or “removing” an approved sign code usually means turning off or revoking one of these security methods so it can’t be used again.

Below, we’ll walk through what these codes actually are, how they work, and what you can change yourself in your Microsoft account security settings.

What Microsoft Means by Sign-In Codes and Approvals

Microsoft doesn’t literally call anything “approved sign code,” which is why this can be confusing. In practice, it usually refers to one of these four things:

1. Two-Step Verification Codes

When two-step verification (2FA) is on, you:

  1. Enter your password, then
  2. Confirm with a second factor, such as:
    • A text (SMS) code
    • An email code to a backup address
    • A code from an authenticator app
    • A hardware security key

These are one-time codes. Once used, they’re not reusable and can’t really be “canceled” afterward. What you can do is:

  • Turn two-step verification off
  • Remove or change the phone number or email used
  • Switch to a different verification method

2. Microsoft Authenticator “Approve Sign-In” Prompts

With the Microsoft Authenticator app, you might see:

  • “Approve sign-in?” on your phone
  • Number matching: your screen shows a number and you tap the same number in the app

This is an approval prompt, not a reusable code. You can cancel future approvals by:

  • Removing your Microsoft account from the Authenticator app
  • Turning off Authenticator sign-in for that account in Microsoft’s security settings
  • Turning off two-step verification entirely (not always recommended)

3. App Passwords for Older Email Clients

Some older apps (like legacy versions of Outlook or mail apps on older phones) don’t support modern sign-in with 2FA. Microsoft lets you create app passwords: long, auto-generated passwords that bypass normal 2FA.

These can feel like “approved sign-in codes” because:

  • You generate them once
  • You enter them into a device/app
  • The device keeps working without extra prompts

Unlike one-time codes, app passwords persist until you revoke them or turn off 2FA. These you can absolutely “cancel.”

4. Trusted Devices / “Don’t Ask Again” Options

Sometimes, after successfully signing in with 2FA, you’ll see:

  • “Don’t ask me again on this device”
  • “Stay signed in”

If you check this, that device becomes trusted for a while. Microsoft may not ask you for a code again on that browser or app, which can look like a permanent approval.

You can cancel this by:

  • Removing those trusted sessions/devices
  • Signing out of all sessions
  • Changing your password or security settings (which often forces re-authentication)

How to Cancel or Remove an Approved Sign-In Method

Most of this is managed from your Microsoft Account Security page.

Navigate to:
https://account.microsoft.com/security and sign in.

A. Turning Off or Changing Two-Step Verification

If your goal is to stop receiving sign-in codes at all:

  1. Go to Advanced security options on the Microsoft Security page.
  2. Find Two-step verification.
  3. Choose:
    • Turn off two-step verification
    • Or keep it on but change how you get codes (phone, email, app, key)

What this does:

  • Disables the need for a second factor on new sign-ins
  • Removes the need for “approved” codes from your Authenticator or SMS

What it does not do:

  • It does not retroactively cancel codes you already used
  • It does not automatically remove stored sessions on all devices (you may still be logged in somewhere until you sign out)

B. Revoking App Passwords (Persistent Approved Sign-In Codes)

If by “approved sign code” you mean an app password you created:

  1. Go to Advanced security options.
  2. Look for App passwords or similar.
  3. You may see:
    • A list of app passwords (sometimes with labels like “Outlook on phone”)
    • Or a simple section allowing you to create or remove app passwords
  4. Delete or revoke the app password(s) you don’t want to work anymore.

What this does:

  • Any email app or client using that app password will stop signing in
  • You’ll likely get error messages on that device asking to re-enter a password
  • You can later create a new app password for that device if needed

This is the closest thing to “canceling an approved sign-in code” in a strict sense, because an app password is like a standing approval.

C. Removing the Authenticator App as an Approval Method

If you no longer want your Microsoft Authenticator app (or any code app) to approve sign-ins:

  1. Open the Microsoft Account Security page.
  2. Head to Advanced security options.
  3. Under Ways to prove who you are (or similar wording), look for:
    • Microsoft Authenticator
    • Other authenticator apps attached to your account
  4. Select the Authenticator entry.
  5. Choose Remove, Delete, or Turn off for that method.

Optional: On your phone itself, also:

  • Open Microsoft Authenticator
  • Remove the account from within the app

Result:

  • You won’t get sign-in approval prompts through that app anymore.
  • If 2FA is still enabled, you’ll need another method (SMS, email, security key, etc.).

D. Clearing Trusted Devices and Remembered Logins

If your concern is that a certain computer or phone is “trusted” and doesn’t ask for codes:

You can often reset this from the same security pages:

  1. Go to SecuritySign-in activity (or Devices / Sessions).
  2. Look for options like:
    • View all sign-ins
    • Sign out everywhere
    • Remove trusted device
  3. Choose to sign out from places you don’t recognize, or from all devices.

You can also:

  • Clear cookies in your browser (removes “stay signed in” state).
  • Change your password, which often forces devices to prompt for the new one.

Key Variables That Affect How You Cancel These Codes

The steps above cover the main paths, but your exact options depend on a few practical details.

1. Which Microsoft Service and Interface You’re Using

  • Outlook.com / webmail in a browser
  • Microsoft 365 / Office 365 work or school account
  • The Mail app in Windows
  • Outlook app on Android or iOS

Work and school accounts often have admin-controlled security policies, which can limit what you can change yourself.

2. Account Type: Personal vs Work/School

  • Personal Microsoft accounts (Outlook.com, Hotmail, Live)
    • You control your own two-step verification, app passwords, and trusted devices.
  • Work or school (Azure AD / Microsoft 365) accounts
    • IT admins may enforce multi-factor authentication (MFA).
    • Certain options, like turning off MFA or deleting certain methods, might be blocked.

For work/school accounts, you might be able to remove app passwords or a device registration, but not disable MFA.

3. How You Originally Set Up Your Security

Your options depend on:

  • Did you enable two-step verification yourself?
  • Are you using Microsoft Authenticator, SMS, email, or a security key?
  • Did you ever create app passwords?

For example:

  • If you never turned on 2FA, there won’t be app passwords to revoke.
  • If you only use SMS codes, “canceling an approved sign-in code” just means turning off 2FA or changing your phone number.

4. Devices and Apps Currently Signed In

If multiple devices use your Microsoft email, the cleanup will differ:

ScenarioWhat Canceling Involves
Single laptop browser onlyClear cookies, sign out, and adjust 2FA/app passwords on your security page.
Multiple phones, tablets, and PCsRevoke app passwords and sign out from all sessions in Security → Sign-in activity.
Old email apps that can’t do 2FALikely rely on app passwords; you’ll need to revoke and possibly replace them.
Shared or public computer usedSign out immediately and consider changing your password and clearing trusted devices.

5. Security vs Convenience Priority

Your decision depends on what matters more to you:

  • Maximum security
    • Keep two-step verification on
    • Remove app passwords you don’t recognize
    • Avoid “Don’t ask me again” on shared devices
  • Maximum convenience
    • Consider turning off 2FA (for personal accounts only, and only if you accept the risk)
    • Use trusted devices responsibly on your own devices

Different User Profiles, Different Outcomes

Canceling an “approved sign code” means different things in practice for different people.

Casual Home User

  • Likely uses Outlook.com or Hotmail via a browser and maybe one phone app.
  • Might cancel an approved code by:
    • Turning off two-step verification
    • Removing Authenticator
    • Signing out on devices they don’t use anymore

Result: Fewer prompts, but less protection if someone guesses or steals their password.

Security-Conscious Power User

  • Has multiple devices and uses advanced 2FA methods.
  • Canceling approved codes usually means:
    • Regularly reviewing and revoking app passwords
    • Clearing old trusted devices
    • Keeping 2FA on, but adjusting which methods are allowed

Result: Still secure, but with tighter control over where sign-in is “approved.”

Work / School Account User

  • Company or school may require MFA.
  • “Canceling” may be limited to:
    • Removing their account from a personal device
    • Asking IT to revoke device registrations or app passwords
    • Resetting their own password if they suspect unauthorized access

Result: They get some control, but policies are mostly set by the organization.

Someone Who Lost a Phone or Device

  • Concerned that the lost device still has an “approved” sign-in.
  • Likely steps:
    • Go to account.microsoft.com/security from another device
    • Change the account password
    • Remove that device from Devices / Sign-in activity
    • Revoke app passwords and reconfigure 2FA methods if needed

Result: The lost device should stop working for future sign-ins and syncs once changes propagate.

Where Your Own Setup Becomes the Missing Piece

Canceling an “approved sign code” for a Microsoft email account always comes back to a few core actions:

  • Managing two-step verification (on/off and how it’s configured)
  • Adding/removing verification methods like phones, emails, apps, and keys
  • Revoking app passwords and trusted sessions/devices
  • Reviewing which devices and apps are still signed in

The specific mix of those steps that makes sense depends entirely on:

  • Whether your account is personal or work/school
  • Which devices and apps you’re using with that Microsoft email
  • How comfortable you are balancing security against convenience
  • Whether you’re reacting to a security concern (lost device, suspicious sign-in) or just trying to reduce annoyance

Once you map your own devices, apps, and account type against these tools, it becomes clearer which “approved sign-in” to actually cancel—and which to keep.