Share via

MFA locked out of Azure account

Jamil Gadasov 0 Reputation points
2026-05-06T06:22:17.4666667+00:00

Hello,

I am experiencing a critical issue accessing my Microsoft account: ******@mmc96.onmicrosoft.com

After resetting my phone, I lost access to the Microsoft Authenticator app. Now I am stuck in a loop:

  • When I try to sign in, I am required to approve the login via the Authenticator app.
  • But when I try to access or restore the Authenticator app, it requires me to sign in to the same account.

This creates a circular situation where: I cannot sign in without the Authenticator, and I cannot access the Authenticator without signing in.

Because of this, I am completely locked out of my account, even though I know my password.

I would like to clarify that:

  • I know my account password
  • I have access to the email used during account creation: ******@yahoo.com

However, no alternative verification methods (such as SMS or email) are offered during sign-in.

Also, this is a personal Azure tenant that I created myself for learning purposes, and I am the only administrator. There is no other admin I can contact to reset or disable MFA.

At the moment, I am unable to access my account at all due to this logical deadlock. Additionally, this account may contain my personal data, and I currently have no way to access or delete it.

I kindly ask for your assistance in:

  • Breaking this authentication loop
  • Resetting or disabling MFA for my account
  • Helping me regain access

I am ready to provide any necessary information to verify my identity.

Thank you for your time and support.

Kind regards, Jamil GadashovHello,

I am experiencing a critical issue accessing my Microsoft account:
******@mmc96.onmicrosoft.com

After resetting my phone, I lost access to the Microsoft Authenticator app.
Now I am stuck in a loop:

  • When I try to sign in, I am required to approve the login via the Authenticator app.
  • But when I try to access or restore the Authenticator app, it requires me to sign in to the same account.

This creates a circular situation where:
I cannot sign in without the Authenticator, and I cannot access the Authenticator without signing in.

Because of this, I am completely locked out of my account, even though I know my password.

I would like to clarify that:

  • I know my account password
  • I have access to the email used during account creation: ******@yahoo.com

However, no alternative verification methods (such as SMS or email) are offered during sign-in.

Also, this is a personal Azure tenant that I created myself for learning purposes, and I am the only administrator.
There is no other admin I can contact to reset or disable MFA.

At the moment, I am unable to access my account at all due to this logical deadlock.
Additionally, this account may contain my personal data, and I currently have no way to access or delete it.

I kindly ask for your assistance in:

  • Breaking this authentication loop
  • Resetting or disabling MFA for my account
  • Helping me regain access

I am ready to provide any necessary information to verify my identity.

Thank you for your time and support.

Kind regards,
Jamil Gadashov

contact me : ******@gmail.com

                 ********@yahoo.com**
Microsoft Security | Microsoft Authenticator

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Q&A Assist
    2026-05-06T06:22:45.5266667+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Because the account is protected by Microsoft Entra/Azure MFA and there is no second administrator on the tenant, this situation must be handled by Microsoft support/Data Protection; it cannot be fixed from the sign-in page alone.

    Based on the documented patterns for similar cases, the recovery path is:

    1. If there is any other Global Administrator in the tenant
      • That admin signs in to the Microsoft Entra admin center.
      • Goes to Identity > Users > All users.
      • Selects the locked-out user account.
      • Opens Authentication methods and selects Require re-register multifactor authentication.
      • After that, the next sign-in for the locked-out account will prompt to set up MFA again, breaking the loop.
      This is the standard fix when another admin exists.
    2. If there is no other Global Administrator (your case)
      • This is treated as a tenant lockout / sole-admin lockout scenario.
      • The only supported resolution is through Microsoft’s Data Protection / Tenant Recovery process.
      • To start that process, contact Microsoft support by phone using the Customer service phone numbers - Microsoft Support page referenced in the documentation.
      • When calling, clearly state:
        • The issue is Authenticator / MFA lockout.
        • The product is Office 365/Azure for business.
        • It is a company/organizational account, not personal consumer.
        • You are the only Global Administrator for the tenant.
        • You are completely locked out and need the Data Protection team to reset MFA / restore access.
      • The frontline agent will create a service request and route it to the Data Protection/Tenant Recovery team, who will verify identity and ownership and then reset MFA or otherwise restore access.
    3. If phone support is difficult to reach
      • One documented workaround is to create a new trial Microsoft 365/Azure tenant solely to open a support ticket:
        • Sign up for a Microsoft 365 or Azure trial and complete tenant creation.
        • In the new tenant’s Microsoft 365 Admin Center, go to Support > Help & support.
        • Open a ticket explicitly stating that you are locked out of a different existing tenant where you are the only Global Administrator and need Data Protection to reset MFA.
        • Provide the locked-out tenant’s domain (for example, mmc96.onmicrosoft.com) and admin UPN, plus the error behavior.
      • Support will then contact you, verify identity, and work on the original tenant. The trial tenant is only a channel to reach support.
    4. Personal data in the tenant
      • Only the Data Protection/Tenant Recovery process can restore access or perform actions such as resetting MFA so that you can sign in and manage or delete your personal data in that tenant.

    There is no self-service method to bypass or disable MFA in this scenario when:

    • MFA is enforced,
    • Microsoft Authenticator is the only registered method, and
    • there is no other Global Administrator who can reset your MFA.

    References:

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.