Stuck in a Microsoft 365 MFA Loop?

Are you stuck in a Microsoft 365 MFA Loop and can’t gain access to an account? Well that’s the exact scenario one of our clients were in this week. After being made aware of the pending Microsoft 365 update where they were due to force MFA for accounts a little while ago, they were expecting this change imminently. However upon accepting a calendar invite to an online meeting this triggered the MFA. Not a problem (they thought), and proceeded to follow the onscreen instructions and downloaded the MS authenticator app by visiting https://aka.ms/mfasetup.

They downloaded the app and were asked to log in, all good so far. Then after adding in their username and password (which I can confirm were correct) they were instructed to verify using the authenticator app… wait a minute, you need to verify using the authenticator app, when trying to sign into the authenticator app?

They gave us a call and we followed them through the procedure and confirmed the loop. They had no secondary methods of authentication set up (i.e. phone number), so that wasn’t an option. This gave us a line on how we could solve the problem for them though. A little tinker in the 365 admin console and we were all sorted. How did we solve the conundrum of being stuck in a Microsoft 365 MFA Loop you might ask? Just follow the step by step guide below:

Step by step guide if you’re stuck in a Microsoft 365 MFA Loop?

Step 1: Identify the Microsoft 365 account administrator

1. If you are not the admin: You will need to forward this article to your administrator for them to follow through the steps.
2. If you’re an admin AND stuck in a loop: You will need to contact your service provider OR Microsoft directly explaining the issue.
3. If you’re an admin AND trying to help someone else: Continue working through the next steps.
4. If you’re unsure if whether or not you’re an admin: Click on the 1st link in step 2, if you can see that page, you’re an admin.

Step 2: Log into the admin console and click on users

If you are an admin you will be able to see the admin console https://admin.microsoft.com/. Once logged in click on “Users” and then select the “Multi-factor authentication” menu option.

Step 3: Reset Microsoft Authenticator apps and software OATH tokens

The final step is to click the “Manage user settings” option and once the popup appears select “Require selected users to provide contact methods again” and “save”. This will replicate the 1st time a user gains access to an account prompting them to setup their contact details and 2FA.

note: all direct MS 365 admin links are correct at the time of writing

Step 4: Get the affected user to log in again

The affected user should have no problem re-configuring their contact details and setting up the MS Authenticator application when they next attempt to log in. They will also need to verify a mobile number as a backup to prevent an issue like this from re-occurring. That way if you do not have access to the Authenticator app (i.e. due to changing your phone for instance), then you can still authenticate via an SMS in the future.

You can also download the MS Authenticator app by scanning the below QR codes:

Microsoft 365 Loop QA’s

If you’re asking yourself any of the below questions then the above article will likely provide a solution.

Q) I try to log into the Microsoft Authenticator app and it asks me to verify using the authenticator app?

Q) The Microsoft account I am using is stuck in an authenticator loop?

Q) I can’t set up MS authenticator because it’s asking me to verify using the same app.

A) Yup, definitely run through the steps in the above article.