![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(35.2, 92%, 13%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMD%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Because the only verification methods on the account belong to a former employee, the current user cannot change the phone number or complete MFA alone. An administrator must reset the user’s MFA methods so new ones can be registered.
Steps for the organization’s admin (work/school account):
- Sign in to the Microsoft Entra admin center at https://entra.microsoft.com.
- Go to Users → All users and select the affected user.
- Open Authentication methods.
- Choose Require re-register multifactor authentication (or equivalent option to reset MFA methods).
- Inform the user to sign in again. On next sign-in, they will be prompted to:
- Set up MFA from scratch (e.g., Microsoft Authenticator), and
- Add a correct phone number for text/call verification.
If the stuck user is an end user (not an admin), they must contact the organization’s global/Microsoft 365 admin and request this MFA reset. If the stuck user is the only admin in the tenant, they must contact Microsoft support/data protection as described in the referenced guidance so Microsoft can verify identity and help reset access.
Once MFA is reset and the user can sign in, they can:
- Go to the Security info or Additional security verification page.
- Remove the old phone number.
- Add their own phone number and/or Microsoft Authenticator as new methods.
References: