This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(48, 0%, 14%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EH%3C/text%3E%3C/svg%3E)
We have some Azure users showing failures on "Single-factor authentication" every day.
We have disabled all per user MFA, enforced users with conditional access policies.
However, we still see the "Single-factor authentication" failure in some users sign logs.
Authentication requirement :Single-factor authentication
Authentication method : Windows Hello for Business
Sign-in error code : 1400001
Failure reason : Request nonce is not provided.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(86.4, 96%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ENP%3C/text%3E%3C/svg%3E)
Hi,
Have you check if user account is getting locked out during that period? Is this particularly from single device or multiple device users tried login? I suspect any configuration issues in user profile causing multiple attempts and giving this errors.
Thanks. Nikit.
User account wasn't locked at that time.
I suspect a configuration or application caused the issue at backend.Any idea for the troubleshooting?
Many thanks
This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.
Comments have been turned off. Learn more
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(281.6, 17%, 37%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGM%3C/text%3E%3C/svg%3E)
@HellowWord Thank you for reaching out to us, As I understand you are investigating on this
Sign-in error code : 1400001 Failure reason : Request nonce is not provided. & Authentication method : Windows Hello for Business
This happens/expected when users can provision WHfB (windows hello for business) credentials, but when they attempt to use them to acquire a PRT, sign-in fails.
Do you have Windows hello configured in the environment? if yes can you help what kind of configuration is deployed in your environment - https://learn.microsoft.com/en-us/windows/security/identity-protection/hello-for-business/deploy/
Do you see for all users the above mentioned error code in the sign in logs?
Let me know if you have any questions, feel free to post back.
@HellowWord Just checking in to see if above information was helpful. If you have any further updates on this issue, please feel free to post back.
Thank you! Givary-MSFT
We have Windows hello for business deployed for all users.
However, only a couple of users have the error codes in sign-in logs.
We have cloud-only whfb, however, some users are migrated from hybrid to cloud only long time ago.
@HellowWord Apologies for the delay in responding to your comment, if the issue still persists, can we connect offline to discuss on this.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 63%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ED4%3C/text%3E%3C/svg%3E)
Same issue, did you find an answer?
