Unable to Login to Admin Account Due to MFA Loop – Need Help Resetting MFA

Question

Hello,

I’m encountering an issue where I cannot log into my Microsoft admin account for my non-profit organization. When I try to sign in, I’m stuck in a Multi-Factor Authentication (MFA) loop. Unfortunately, I wasn’t able to fully configure MFA before running into this problem, and now I have no way to bypass it.

I’ve tried using my recovery email and phone number, but there doesn’t seem to be an option for other verification methods, and I am unable to proceed.

Could someone help me by either resetting the MFA on my account or advising on how to regain access to the admin account?
Any help or guidance would be greatly appreciated!

Thanks,

Answer 1

Hello Kamal Shrestha,

Thanks for your question

From the screenshot, it looks like authenticator is configured to a phone. So if this is the case and there is no other Global admin, The way to resolve this is to request for Product Support to reset MFA for the affected users. Contact Product Support with the email address for the affected user.

See: https://learn.microsoft.com/en-us/xandr/curate/troubleshooting-multi-factor-authentication-mfa?source=recommendations#dont-delete-mfa-app

To do this reach out to the global service numbers here: https://support.microsoft.com/en-us/topic/global-customer-service-phone-numbers-c0389ade-5640-e588-8b0e-28de8afeb3f2

You can also try accessing https://mysignins.microsoft.com/security-info on a trusted device as it is a microsoft account.

You can mark it 'Accept Answer' and 'Upvote' if this helped you

Regards,

Abiola

Answer 2

@Kamal Shrestha

Thank you for posting this in Microsoft Q&A.

As I understand you are unable to login Azure portal as you have lost access to your authenticator app for MFA authentication on your phone.

In this situation you have 2 ways to solve this issue.

• If you have another Global admin of your tenant
• If you are the only Global admin of your tenant

If you have another Global admin of your tenant, you can ask them to make change in Entra ID for your account so that you can re-register for MFA in authenticator app. To perform this, you can ask another Global admin to follow below steps,

• Admin has to login to Azure portal and access Azure active directory.
• Once done they have to go to users blade on the left.
• Click on the user account which has been locked out.
• Click on Authentication methods and click on “Require re-register multifactor authentication”.
• Now when you try to login to Azure services it will prompt you to register for MFA again.

 

If you are the only global admin on the account and are blocked entirely, you can reach out to our support team. You can look into below article to get support numbers depending on your country.

https://support.microsoft.com/en-us/topic/global-customer-service-phone-numbers-c0389ade-5640-e588-8b0e-28de8afeb3f2

or creating a ticket through a different account:  https://learn.microsoft.com/en-us/microsoft-365/admin/get-help-support?view=o365-worldwide#phone-support

Create a ticket with Microsoft support team. Give them the tenant ID which is locked out in your description. Tell them that no admin account has access anymore and your partners also have no access anymore.

Once you create a ticket with support team you will have to work with our data protection team. You will have to first prove your identity against your tenant for security purpose. Post that this team will help you with help you in getting access to your tenant or unlock your account depending on your scenario.

Also, for the future, you can create an emergency access account (break glass) in Azure AD. This account will help prevent being accidentally locked out of your Azure Active Directory (Azure AD) organization because you can't sign in for any reason.

https://docs.microsoft.com/en-us/azure/active-directory/roles/security-emergency-access

 

Let me know if you have any further questions.

Please "Accept the answer" if the information helped you. This will help us and others in the community as well.