I did not setup an emergency admin account but should have.
I purchased a new phone and transferred everything from that phone over. When attempting to take care of my Azure bill I realized I forgot to update my MFA information before wiping my old phone.
Since I know my credentials to my Microsoft account I was able to set it up on Microsoft Authenticator again. However, it seems like the instance of Authenticator that is attached to my Azure AD did not automatically update to the one on my new phone and is still expecting verification from the instance installed on the old one.
What happens when I attempt to login?
- I enter the email account into the sign in form on the Azure Portal website.
- I get successfully receive a sign in prompt on my newly installed Microsoft Authenticator App.
- Successfully completing the prompt logs me into my Microsoft Account.
- I then get prompted again, on the Azure Portal Website to confirm a sign in prompt on my Microsoft Authenticator App.
- However this time I do not receive a prompt (I'm guessing it's attempting to send it to the old instance of the app).
- When clicking on the "I can't use my Microsoft Authenticator app right now" button, I see three options: Send a request to the App (nope this already doesn't work why is this even an option here).
- Use a verification code (I do see codes in the Microsoft Authenticator App but they are eight digits long and this form only accepts six digits). I suspect that even if the code was six digits it still wouldn't work because the Authenticator instance attached to my Azure account is different.
- Text my backup phone number (This number has been changed and I failed to update this in Azure AD, so my fault here)
- Essentially, there are no options that work for me to recover or reset my Azure AD MFA options.
Things I have tried:
- Calling Microsoft Support via phone using 866-807-5850 and 800-642-7676 both numbers from this page (https://support.microsoft.com/en-us/topic/global-customer-service-phone-numbers-c0389ade-5640-e588-8b0e-28de8afeb3f2) both numbers have the same automated system that is no help. You cannot reach a live person and when stating you are having issues accessing your account they send you to a link (https://aka.ms/pwr) that is intended to reset your Microsoft Account (not my Azure AD creds or MFA). I already have access to my Microsoft Account, however I can't access or reset my Azure AD creds. This link (https://account.live.com/acsr) is also a recovery form but for my Microsoft Account not Azure AD.
- Completing a support ticket but when selecting the account reset option it sends you back to Azure to sign in. Hilarious :)
I have received this documentation link (https://docs.microsoft.com/en-us/azure/active-directory/roles/security-emergency-access) for what to do in the future but right now I'm trying to figure out how to contact Azure Support for resetting the credentials to my Global Azure Admin Account. If that's even possible. I would like an email address or phone number where I can reach a live person who can assist.
Thank you!