This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(12.8, 77%, 11%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJP%3C/text%3E%3C/svg%3E)
Hello Everybody,
I am hoping somebody here might have some solution since the basic M365 wasn't of any assistance. I have a user that had been using the Microsoft Authenticator for MFA on their M365 account. Last week I reset his password and then the MS Authenticator app stopped working properly. So, we deleted the account from the Authenticator app and I would just start from the beginning again. Next, I went to Azure (Now Identity) and did the revoke MFA function and then did the "Re-Register Multifactor Authentication." as well as logging out of all user sessions. I then we went through all the steps to add the account back to the MS Authenticator but when we scan the QR code we now get an error message "Activation Failed. Make sure that push notifications are enabled on the phone and your activation code is not wrong, expired or formerly used." So, I am like fine we will just try using the phone, so I add phone to his available MFA options, so we try to send a text message it errors out with contact your administrator. Finally I try the phone call option and it also fails out. In the admin panel I verified that the phone/authenticator etc. options were enabled for everyone from the "service settings" on the Multi-Factor Authentication page, as well as checking the "Require Selected Users to Provide Contact Methods Again" from the actual users setting on that same page. Even after that, deleting and re-adding the MS authenticator App, try Google Authenticator, and going through these same steps at least a dozen times with Microsoft Support we still can't get ANY MFA to work on my user's account. Does anybody have any suggestions? The only solutions I have from MS Support is to make my end user a Global Administrator (without working MFA!) and see if that fixes it or they suggest I delete the user from M365 and then re-add them but I don't want to risk my user losing over 10 years of important email. If ANYBODY has a powershell command or any other suggestions please let me know. Thank you in advance.
Hi, verify the user is not blocked:
https://www.linkedin.com/pulse/resolved-able-setup-azure-mfa-activation-failed-syed-sabih-haider/
Thanks Andy, I wasn't in that exact location from the screenshot but the user was indeed blocked from MFA in Azure. You would figure that MS would actually notify you that the user is blocked from MFA if you try to enable it. Thank you again! I have spent 4 hours on the phone with Microsoft "Support" and it was literally a 5 second fix that apparently the "support" team is clueless about.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(105.60000000000001, 49%, 20%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJB%3C/text%3E%3C/svg%3E)
Yes! THIS!!!