Share via

Tenant lockout – only Global Admin lost MFA device (Authenticator)

Pascal Kamer 20 Reputation points
2026-01-27T11:00:04.38+00:00

*** I am the only Global Administrator in our Microsoft Entra (Azure AD) tenant.

  • MFA is required and the only registered method was Microsoft Authenticator on a lost/reset phone.
  • I cannot sign in to Entra/Azure/M365 admin portals to reset security info.
  • Request: Please escalate to Microsoft Support Data Protection to verify ownership and reset MFA registration.

Public (non-PII) details:

  • Tenant primary domain: PII
  • Tenant region/country: European Union (EU)
    *** I can provide the affected Global Admin UPN and contact details via private message.
Microsoft Security | Microsoft Entra | Microsoft Entra ID
Answer accepted by question author
  1. Rukmini 26,525 Reputation points Microsoft External Staff Moderator
    2026-01-27T15:59:06.4866667+00:00

    Hello Pascal Kame,

    The issue pertains to a tenant lockout, where no other global admin in the tenant has the necessary permissions to login and make changes in your tenant.

    To resolve this, we have engaged our Data Protection team through a support ticket. They will reach out to you via email or phone to help restore access to the tenant and assist in resolving the issue.

    1 person found this answer helpful.
    0 comments

0 additional answers

Sort by: Most helpful
Most helpful Newest Oldest

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.