Authenticator App bypasses password requirement despite "Passwordless Account" being disabled

Aiden 0 Reputation points
2024-10-26T08:21:32.13+00:00

I’m experiencing a problem with my Microsoft account authentication process. Although I have disabled the "Passwordless Account" option under "Additional security" on https://account.live.com/proofs/manage/ and enabled two-factor authentication (2FA), my account only requires one verification step through the Authenticator App.

Even when logging in from new, unrecognized devices with different IP addresses, I’m never prompted for a password. Instead, the Authenticator App approves the login directly. Oddly, while my account settings page shows that passwordless sign-in is disabled, the Authenticator App itself indicates that "Passwordless sign-in is enabled."

I want both my password and the Authenticator App to be required when logging in. Any guidance on aligning these settings to ensure both steps are required would be appreciated.

Microsoft Authenticator
Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation.
7,189 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. RevelinoB 3,505 Reputation points
    2024-10-26T13:07:49.56+00:00

    Hi Aiden,

    I’ve come across this issue before, and here’s what usually works to get your Microsoft account to require both a password and the Authenticator app:

    Check Passwordless Sign-In in the Authenticator App:

    Open the Authenticator app, find your Microsoft account, and see if there’s an option to turn off passwordless sign-in directly in the app. If it still shows as enabled, disable it—this often resyncs the app with your actual account settings.

    Remove and Re-Add Your Account in Authenticator:

    Try deleting the account from the Authenticator app, closing the app, and then re-adding the account. This usually forces it to sync with your account’s current security settings. Just be sure passwordless isn’t enabled during the setup.

    Toggle 2FA Off and Back On:

    Log into your Microsoft security settings online and temporarily turn off two-factor authentication (2FA), wait a bit, then turn it back on. This often resets the settings so both the password and Authenticator are required.

    Clear App Cache or Reinstall Authenticator:

    If passwordless still shows as enabled in the app, try clearing the app cache or even reinstalling the app. Sometimes a fresh start clears any setting issues.

    Test on a Different Device or Browser:

    After following these steps, log in from a new device or browser. If it’s working, you should see both a password prompt and an Authenticator check.

    If it’s still not quite right, it might be worth a call to Microsoft Support to check for any setting misalignments on their end. These steps usually fix it so you can get the security setup you’re after!


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.