Security Info Replacement

Question

THIS IS EXTREMELY DISAPPOINTING, I recently updated my bios on my PC at home and now it is requiring me to reset my pin to get into the PC because I have 2 step verification enabled, and I don’t have access to the Authenticator app like I used to, now I’m LOCKED OUT OF MY PC FOR 30 DAYS, I’ve looked online and saw multiple other people complaining about this issue, it’s an ABSOLUTE SHAME MICROSOFT OR ANYONE ON THE TEAM HAS DONE NOTHING ABOUT THIS ISSUE ENTIRELY, THERE HAVE BEEN NO CHANGES TO THIS PROCESS FOR OVER A DECADE, PEOPLE HAVE BEEN GIVING FEEDBACK AND LETTING YOU KKOW HOW STUPID AND UNNECESSARY THIS PROCEDURE IS, WE NEED ANOTHER WAY AROUND THIS THAT DOES NOT INVOLVE WAITING 30 DAYS, I WORKED ON SITE AT AN UNIVERSITY THAT UTILIZED MICROSOFT ACCOUNTS FOR EVERYTHING, CHANGING SOMEONE’S RECOVERY INFO ISNT HARD WHAT SO EVER AND IT DOESNT TAKE LONG, DO SOMETHING ABOUT THIS PLEASE FOR THE SAKE OF ALL MICROSOFT USERS

Answer 1

The 30-day restriction is enforced when all existing security info (alternate email, phone, etc.) on a Microsoft account is removed and replaced. This puts the account into a restricted state for 30 days to protect against unauthorized changes.

When this happens, messages such as “Your security info change is still pending” or “You can’t access this site right now” appear. During this period:

• Most Microsoft services can still be accessed (signing in to Xbox, Skype, Outlook.com, OneDrive, etc.), but sensitive areas that require extra verification are blocked.
• If two-factor verification was turned on, access is more limited; the options are to wait the 30 days or cancel the request if that option is available.

The 30-day period cannot be expedited, but there are two built-in options depending on who initiated the change:

1. If the security info was removed by the account owner:
   • Sign in to the Security page for the Microsoft account.
   • In the “Your security info change is still pending” window, select cancel this request and follow the prompts.
   • Access to the previous security proofs is required to complete the cancellation.
2. If the security info was not removed by the account owner (possible compromise):
   • Sign in to the same Security page.
   • In the “Your security info change is still pending” window, select let us know and follow the prompts to report unauthorized changes.

If neither path is usable and all security info has been replaced, the only supported option is to wait for the 30-day period to complete. This behavior is by design to protect accounts when all security info is changed.

After regaining full access, recommended practices to avoid this situation include:

• Avoid changing all security info at once.
• Ensure more than one security option is configured (for example, authenticator app plus phone or email).
• Regularly review security info to keep it valid.

---

References:

• What does “Security info change is still pending” mean?
• Common problems with two-step verification for a work or school account
• Troubleshoot Microsoft verification code issues
• How to use two-step verification with your Microsoft account