User pressed "Report" by accident in Auth app. At next login his MFA is blocked for good - even after MFA reset (receives "Unable to add account" or "QR code already used")

Question

User pressed "Report" by accident in Auth app. At next login his MFA is blocked for good - even after MFA reset (receives "Unable to add account" or "QR code already used")

RaduOrleanu 1

All this happened because the user receives duplicate notifications for login on in his Microsoft Authenticator App. The user pressed "Report" in the Microsoft Authenticator App by accident, but still managed to login correctly.
A couple of days later when he had to renew his authentication via the Microsoft Authenticator app he cannot use it anymore so he asked support for help.

The tenant support reset his MFA but now he is unable to set up MFA using Microsoft Authenticator because when scanning the QR code it returns "Unable to add account" or "QR code already used". He tried other auth apps (Google Authenticator etc.) and although they scan the QR code correctly, the generate code is recognized as being wrong every time by Azure during the MFA setup.

I looked it up online and it could be he was added to some list which keeps blocking his MFA setup attempts. Someone instructed me to look into Azure AD in Security > MFA > block/unblock users and see if he's listed there. Tennant support checked and he isn't in the list.

Is there anyone that had this problem ? Is there any solution or is the account blocked for good ?

Kalia Hayes 1 Reputation point

2022-10-17T16:57:40.3+00:00

I'm a user who accidentally pressed Report. Worst part, I didn't even read the prompt. Was on auto-pilot. Have you made on progress on this? Would like to know what to tell my IT Team.
James Ledbetter 5 Reputation points

2023-10-23T20:21:11.9966667+00:00

This can be fixed by going to this screen and verify the user is not in the blocked list.
Daniel Rau 0 Reputation points

2024-11-13T15:38:41.7233333+00:00

Thank you, this did resolve my issue (not sure why this was not marked as solved).

1 answer

Your answer

Kalia Hayes 1 Reputation point

2022-10-17T16:57:40.3+00:00

I'm a user who accidentally pressed Report. Worst part, I didn't even read the prompt. Was on auto-pilot. Have you made on progress on this? Would like to know what to tell my IT Team.
James Ledbetter 5 Reputation points

2023-10-23T20:21:11.9966667+00:00

This can be fixed by going to this screen and verify the user is not in the blocked list.
Daniel Rau 0 Reputation points

2024-11-13T15:38:41.7233333+00:00

Thank you, this did resolve my issue (not sure why this was not marked as solved).

Answer 1

JimmySalian-2011 42,511

Hi,

Usually the reset from the console or portal should fix the issue however can you please follow the steps below to reset and unblock MFA in Azure Active Directory via Azure Portal and PowerShell.

Using Azure Portal:

Sign in to the Azure portal with the tenant Global Administrator account.

Navigate to Azure Active Directory > Users > All users > Choose the user you wish to perform an action on > select Authentication methods > Require Re-register MFA.

Once this is done, the next time the user signs in, he/she will be requested to set up a new MFA authentication method.

Note: The user's currently registered authentication methods aren't deleted when an admin requires re-registration for MFA. After a user re-registers for MFA, we recommend they review their security info and delete any previously registered authentication methods that are no longer usable.

Using PowerShell:

Install the MSOnline PowerShell module.

Run Connect-MSOLService and sign in with the Global Administrator account.

Run Set-MsolUser -UserPrincipalName John.dave@Company portal .com -StrongAuthenticationMethods @() cmdlet to reset the MFA registration information.

==
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

RaduOrleanu 1 Reputation point

2022-09-17T20:05:23.75+00:00

Hi,

Thanks for your answer however the tenant Global administrator has already did Require Re-register MFA but the user is unable to set up a new MFA using Microsoft Authenticator because when scanning the QR code it returns "Unable to add account" or "QR code already used".
He also tried setting up MFA again using other auth apps (Google Authenticator etc.) and although they scan the QR code correctly, the generate code is recognized as being wrong every time by Azure during the MFA setup.

Any advice on this issue ?

Thanks!
RaduOrleanu 1 Reputation point

2022-09-19T11:34:58.537+00:00

Note: The user's currently registered authentication methods aren't deleted when an admin requires re-registration for MFA. After a user re-registers for MFA, we recommend they review their security info and delete any previously registered authentication methods that are no longer usable.

Is it possible to set up a conditional access for only this particular user to login without MFA from his usual machine and delete any previously registered authentication methods ?

Thanks!

Share via

User pressed "Report" by accident in Auth app. At next login his MFA is blocked for good - even after MFA reset (receives "Unable to add account" or "QR code already used")

1 answer

Your answer