![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(67.2, 52%, 16%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELV%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Because the only verification method is on the lost device, the account’s security info or MFA methods must be reset from outside the normal sign-in flow.
Use the appropriate path based on the type of account:
- Work or school (Azure AD / Microsoft 365) account
- If any alternative method was set up (office phone, SMS, security key, etc.), on the MFA prompt choose “Sign in another way” and complete sign-in using that method, then add a new method and remove the old phone.
- If no other method exists and the lost device was the only factor, contact the organization’s IT/help desk or tenant administrator and request an MFA reset for the account. Admins can clear MFA settings so that registration is required again at next sign-in.
- If this is the only admin account in the tenant and no one can reset MFA, a Microsoft Data Protection case is required. Open a support request via Microsoft support (phone or a separate tenant, as described in the Q&A references) and ask specifically for the Data Protection team to reset the admin’s authentication methods.
- Personal Microsoft account (Outlook.com, Hotmail, etc.)
- If at least one security method (phone/email/app) is still accessible:
- Sign in to the Advanced security options page.
- Select Add a new way to sign in or verify and configure a new phone/email/app.
- After verifying the new method, expand the old (lost) method and select Remove.
- If all security info is lost but the password is known:
- Start sign-in.
- At “Verify your identity”, select “I don't have any of these”.
- Follow the steps to replace the security info. After replacement, there is a 30‑day wait before normal sign-in is allowed.
- If the password is also forgotten and no security info is available, complete the Microsoft account recovery form and wait for the review.
- If at least one security method (phone/email/app) is still accessible:
During the 30‑day security-info replacement period for personal accounts, if the old security info is recovered, it can still be used to sign in, which cancels the pending change.
References:
- Use a screen reader to set up and troubleshoot multifactor authentication
- Sign in using two-step verification or security info
- Troubleshoot Microsoft verification code issues
- Common problems with two-step verification for a work or school account
- Cannot log in Outlook. - Microsoft Q&A
- I have a Micrsoft business account and I am the admin and the only user registered under this account. I can't log in because i have replaced my phone and the authenticator doesn't work. - Microsoft Q&A
- Can't sign in to my email - Microsoft Q&A
- How Do I Regain Access to My Account After Losing Access to Microsoft Authenticator? (Urgent Request). - Microsoft Q&A
- Requesting a Tenant Admin MFA Reset - Microsoft Q&A
- What happens if there's an unusual sign-in to your account