![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(275.2, 54%, 36%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ERS%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Because the previous phone is gone and there was no Authenticator backup, the path to get back online depends on the type of account and what other sign-in methods are available.
- Try other verification methods
- When signing in, look for options like “Use a different verification option”, SMS, or email code.
- If SMS or email is available and works, sign in that way and then:
- Go to your account’s security settings and remove the old Authenticator method.
- Add Authenticator again on the new phone.
- If this is a personal Microsoft account and no methods work
- Use the Microsoft account sign-in helper to recover access to the backup account that was used for Authenticator backup or security info: Sign-in helper.
- If still unable to restore Authenticator credentials because the backup account cannot be accessed, support agents cannot recover Authenticator data. In that case, once access to the Microsoft account is regained via the sign-in helper or other verification, add the accounts to Authenticator again using normal setup steps.
- If this is a work or school (business) account
- If there is another admin in the organization, ask them to reset MFA for the account in Microsoft Entra Admin Center (Require re-register multifactor authentication). After that, sign in and reconfigure Authenticator on the new phone.
- If this is the only global admin account and it is locked by MFA:
- Contact Microsoft Support by phone using the Customer service phone numbers - Microsoft Support page and clearly state that this is a tenant admin lockout due to Authenticator on a lost/replaced phone and that there is no other admin.
- Ask to open a ticket with the Data Protection team so they can verify identity and help regain access.
- If direct contact fails, create a temporary trial Microsoft 365 tenant, go to the new tenant’s admin center, and open a support ticket from there requesting Data Protection help for the original tenant, providing the locked tenant’s domain and admin details.
- After access is restored
- Re-add all accounts to Microsoft Authenticator on the new phone.
- For iOS, consider enabling iCloud backup for Authenticator so accounts can be restored in the future.
- Add at least one alternative sign-in method (SMS, email, or another app) so a single device loss does not cause lockout again.
If none of the above methods (alternate verification, sign-in helper, or admin/Data Protection support) are available or successful, the accounts will need to be re-added to Authenticator from scratch once access to each underlying account is independently recovered.
References:
- Restore account credentials from Microsoft Authenticator
- How to go passwordless with your Microsoft account
- Troubleshoot Microsoft verification code issues
- Back up your accounts in Microsoft Authenticator
- Troubleshoot signing in with a passkey
- Troubleshoot problems with Microsoft Authenticator
- Microsoft Authenticator FAQs
- I have a Micrsoft business account and I am the admin and the only user registered under this account. I can't log in because i have replaced my phone and the authenticator doesn't work. - Microsoft Q&A
- I need to reset my mfa methods - Microsoft Q&A
- Microsoft authenticator sending me into a spiral - Microsoft Q&A
- Requesting a Tenant Admin MFA Reset - Microsoft Q&A
- Severity A Situation - Locked out of global admin account (MFA) - business down - Microsoft Q&A