![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(92.8, 67%, 18%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ELH%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
To break out of the loop, use an existing verification method first, then fix your sign-in methods; if no other method exists, an admin or support must reset MFA for the account.
- Try another verification method
- For a personal Microsoft account, two-step verification can use:
- Email code
- SMS/phone call
- Any authenticator app
- On the verification screen, choose a different method (for example, “Email” or “Text”) if it is offered.
- Once signed in, go to the Security tab at https://account.microsoft.com/security, select Manage how I sign in, then under Additional security → Two-step verification choose Turn off and then Turn on again to reconfigure. During setup you’ll get a QR code to scan with Microsoft Authenticator.
- If this is a work or school (Microsoft Entra / Microsoft 365) account
- If another MFA method (SMS, phone call, or another app) is available, use it to sign in.
- Then go to https://aka.ms/mysecurityinfo and remove the old Authenticator method and re-add it:
- Delete the existing Authenticator app sign-in method.
- Add a new Authenticator app method and scan the new QR code with the app.
- If the account is managed by an organization and there is an IT admin:
- Ask the admin to go to Microsoft Entra ID → Users → [your user] → Authentication methods → Require re-register multifactor authentication so that you are forced to set up MFA again on next sign-in.
- If no other verification method works and this is a business/tenant admin account
- If this is the only global admin account and no alternative MFA method works, the Microsoft Data Protection team must reset the admin’s MFA.
- Call the regional Microsoft support number listed under Customer service phone numbers - Microsoft Support and request escalation to the Data Protection team for an admin MFA reset, stating that you are the only administrator and are locked out by Authenticator.
- Prevent getting stuck again
- For personal accounts, keep at least two or three security info methods configured (for example, Authenticator + phone + backup email) so that if one fails, another can be used.
- For work/school accounts, ensure at least one backup method (phone/SMS) is added in Security info in addition to the Authenticator app.
References:
- How to use two-step verification with your Microsoft account
- Use a screen reader to set up and troubleshoot multifactor authentication
- Can't set up MFA because five devices are already registered to use an authenticator app
- Common problems with two-step verification for a work or school account
- How Do I Regain Access to My Account After Losing Access to Microsoft Authenticator? (Urgent Request). - Microsoft Q&A
- I have a Micrsoft business account and I am the admin and the only user registered under this account. I can't log in because i have replaced my phone and the authenticator doesn't work. - Microsoft Q&A
- Microsoft authenticator sending me into a spiral - Microsoft Q&A
- Requesting a Tenant Admin MFA Reset - Microsoft Q&A
- How to add your accounts to Microsoft Authenticator