![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(249.60000000000002, 69%, 34%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJG%3C/text%3E%3C/svg%3E)
Microsoft Security | Microsoft Authenticator
A Microsoft app for iOS and Android devices that enables authentication with two-factor verification, phone sign-in, and code generation
Because the Authenticator app data was cleared, the existing MFA registration on the account no longer matches any device, so the app cannot generate or approve codes and access to the Microsoft 365 admin center is blocked.
Resolution depends on whether there is another admin or another MFA method available:
- Try any alternative MFA method
- On the sign-in screen, when prompted for Microsoft Authenticator, choose Use a different verification option (if shown) and select SMS, phone call, or another method that was previously configured.
- If another method works, sign in and then:
- Go to the security info page at
https://aka.ms/mysecurityinfo. - Remove the broken Authenticator method.
- Add the Microsoft Authenticator app again by following the prompts.
- Go to the security info page at
- If another admin exists in the tenant
- Ask that admin to reset MFA for the affected account:
- Go to the Microsoft Entra admin center.
- Navigate to Users → select the user → Authentication methods.
- Select Require re-register multifactor authentication.
- After this, sign in again; the account will be prompted to set up Authenticator from scratch and a new QR code can be scanned.
- Ask that admin to reset MFA for the affected account:
- If this is the only admin account and there is no alternative MFA method
- This is a lockout scenario similar to those described where the only admin loses Authenticator access.
- Contact Microsoft’s Data Protection team via the regional Customer service phone numbers - Microsoft Support line. Frontline support must raise a ticket to reset the admin’s MFA:
- Clearly state that this is an Office 365/Microsoft 365 for business account.
- Confirm it is a company account and that this is the only administrator.
- Request a service ticket with the Data Protection team to reset MFA for the tenant admin.
- If direct contact is difficult, one documented workaround is to create a temporary trial tenant, use its admin center to open a support ticket, and ask support to involve the Data Protection team for the original tenant.
Once MFA is reset by an admin or by Microsoft support, sign in again, complete the new MFA registration, and re-add the Microsoft Authenticator app on the current phone. Do not clear the app’s data or remove it afterward, as ongoing access to MFA-protected resources depends on it.
References:
- Common problems with two-step verification for a work or school account
- How to add your accounts to Microsoft Authenticator
- Can't set up MFA because five devices are already registered to use an authenticator app
- I need to reset my mfa methods - Microsoft Q&A
- Microsoft authenticator sending me into a spiral - Microsoft Q&A
- I have a Micrsoft business account and I am the admin and the only user registered under this account. I can't log in because i have replaced my phone and the authenticator doesn't work. - Microsoft Q&A
- Microsoft Authenticator app doesn't show 6-digit OTP code - Microsoft Q&A
- Requesting a Tenant Admin MFA Reset - Microsoft Q&A
- Microsoft Curate - Troubleshoot Multi-Factor Authentication (MFA)
- Microsoft Invest - Troubleshoot Multi-Factor Authentication (MFA)