How to completely reset a users MFA in M365.

Jeff Palmer 20 Reputation points
2023-08-03T20:53:23.34+00:00

Hello Everybody,

      I am hoping somebody here might have some solution since the basic M365 wasn't of any assistance. I have a user that had been using the Microsoft Authenticator for MFA on their M365 account. Last week I reset his password and then the MS Authenticator app stopped working properly. So, we deleted the account from the Authenticator app and I would just start from the beginning again.  Next, I went to Azure (Now Identity) and did the revoke MFA function and then did the "Re-Register Multifactor Authentication."  as well as logging out of all user sessions. I then we went through all the steps to add the account back to the MS Authenticator but when we scan the QR code we now get an error message "Activation Failed. Make sure that push notifications are enabled on the phone and your activation code is not wrong, expired or formerly used."  So, I am like fine we will just try using the phone, so I add phone to his available MFA options, so we try to send a text message it errors out with contact your administrator.  Finally I try the phone call option and it also fails out.  In the admin panel I verified that the phone/authenticator etc. options were enabled for everyone from the "service settings" on the Multi-Factor Authentication page, as well as checking the "Require Selected Users to Provide Contact Methods Again" from the actual users setting on that same page.  Even after that, deleting and re-adding the MS authenticator App, try Google Authenticator, and going through these same steps at least a dozen times with Microsoft Support we still can't get ANY MFA to work on my user's account.  Does anybody have any suggestions?  The only solutions I have from MS Support is to make my end user a Global Administrator (without working MFA!) and see if that fixes it or they suggest I delete the user from M365 and then re-add them but I don't want to risk my user losing over 10 years of important email.  If ANYBODY has a powershell command or any other suggestions please let me know.  Thank you in advance.  
Exchange Online
Exchange Online
A Microsoft email and calendaring hosted service.
6,173 questions
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Microsoft Security | Microsoft Authenticator
0 comments No comments
{count} votes

Accepted answer
  1. Andy David - MVP 157.6K Reputation points MVP Volunteer Moderator
    2023-08-03T22:43:28.9533333+00:00
    1 person found this answer helpful.

0 additional answers

Sort by: Most helpful

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.