Removing "Bad Reputation" from account, which is causing me to not be able to login?

Question

Hi,

I have recently left my workplace which had a company profile on my phone which fully reset it, hence resetting Multi-Factor Authentication, and I am now unable to access my business portal as I am getting error code: 399287, which looks to be Bad Reputation/Suspicious Activity on my cell phone number, which is causing me to be exponentially locked out, I really need help to get back into my account, this is to the only Global Admin account on the tenant also.

@Raja Pothuraju are you able to help me, seeing as you've helped other in the past I've seen. I've been going around in circles trying to call support.

Answer 1

Hello @Mitch Vesture,

Thank you for sharing your details via private message.

I’ve reached out to the engineering team regarding the MFA issue on your account. They have now unblocked it from the backend and cleared the bad reputation associated with it. You should be able to log in to the Azure Portal without any issues.

Please try signing in and verify if you can complete SMS authentication successfully. Let me know if you encounter any problems.

As a best practice, I recommend registering the Microsoft Authenticator method for your account instead of relying on SMS. SMS and voice call authentication methods are more vulnerable to IRSF attacks (telephony fraud) and are generally less secure.

For better practice, I recommend registering with Microsoft Authenticator method to your account instead of SMS method as these SMS/Voice telecom auth methods are susceptible to IRSF attacks telephony fraud.

I hope this information is helpful. Please feel free to reach out if you have any further questions.

Answer 2

Error code 399287 indicates that the phone number used for SMS verification has been flagged with a “bad reputation” and is blocked for Microsoft Entra multifactor authentication (MFA). Because this is also the only global admin account on the tenant, the issue must be handled by Microsoft’s Data Protection team; it cannot be fixed from the sign-in page or by forum moderators.

To regain access:

1. Contact Microsoft support and reach the Data Protection team
   • Call the appropriate support number for the region from the Microsoft customer service phone list: Customer service phone numbers - Microsoft Support.
   • Clearly state that this is a tenant lockout and that:
     • This is the only global admin account.
     • MFA via SMS is failing with error 399287 (bad reputation on the phone number).
     • The device reset removed the previous MFA configuration.
2. Ask specifically for MFA reset / Data Protection assistance
   The Data Protection team has tools and processes to:
   • Reset MFA for the locked global admin account, and/or
   • Clear the bad-reputation block on the phone number used for SMS verification.
3. Be prepared to verify identity and tenant ownership
   Support will require proof that the caller is the rightful admin for the tenant (business documentation, tenant details, admin UPN, etc.). This is mandatory before they can reset MFA or unblock the number.
4. If normal support routing fails
   • Persist with phone support and explicitly request escalation to the Microsoft 365 Data Protection team for a global admin locked out due to MFA.
   • This is the same path other users with error 399287 and single-admin tenants have used; in those cases, the Data Protection team reset MFA and resolved the bad-reputation block.

Once the Data Protection team completes the reset, sign-in should allow re-registering MFA (for example, re-adding Microsoft Authenticator and/or a working phone number) and the 399287 block on SMS should no longer prevent access.

---

References:

• You don't receive a text or voice call that contains the verification code for Microsoft Entra multifactor authentication
• Can't use Azure Multi-Factor Authentication to sign in to cloud services after you lose your phone or the phone number changes
• Troubleshoot sign-in issues and account access problems
• Common problems with two-step verification for a work or school account
• Microsoft account has been locked
• Microsoft Q&A Unable to Verify Identity for Azure Login – Error 399287
• Azure has blocked myphone number for SMS verification due to a “bad reputation” flag - Microsoft Q&A
• I have a Micrsoft business account and I am the admin and the only user registered under this account. I can't log in because i have replaced my phone and the authenticator doesn't work. - Microsoft Q&A
• Severity A Situation - Locked out of global admin account (MFA) - business down - Microsoft Q&A
• Microsoft authenticator sending me into a spiral - Microsoft Q&A