Forum Discussion

Milance_74
Occasional Reader
Feb 22, 2026

Formal Complaint: The UX Failure of Microsoft Authenticator and Teams Guest Access

To the Microsoft Product & Engineering Teams,

 

I am writing this not just as a frustrated user, but as a systems engineer and developer who has just spent several hours navigating the Kafkaesque labyrinth that is your current authentication ecosystem.

 

The transition to a new mobile device while maintaining "Guest" access to an external organization (Rihter d.o.o.) has been an exercise in systemic failure. Specifically, I would like to highlight the following critical UX flaws:

 

The Identity Paradox: Your system’s inability to gracefully handle a personal Outlook account acting as a Guest in an Entra ID tenant is baffling. Receiving the error "You can't sign in here with a personal account" while trying to access a tenant I am already a member of is a fundamental logic failure.

 

Visual Inconsistency (The "Briefcase" vs. "Initials"): The fact that an account can appear in Authenticator as a "One-time password" account with initials, yet be completely non-functional for Teams until it is manually re-added as a "Work/School" account with a briefcase icon, is a UI disaster.

 

The "Action Required" Loop: I was trapped in a cycle where the app demanded action but provided no path to resolution within the mobile environment. I had to resort to using a desktop browser in Incognito mode just to force the system to generate a valid QR code for the new hardware.

 

Mandatory Hardware Security (Passwordless): Forcing users to implement device-wide PINs or biometrics on their private hardware just to use the "Approve" notification feature is overreach. There should be a clear, frictionless fallback to TOTP codes within Teams without degrading the entire app's functionality.

 

App vs. Web Desynchronization: It is unacceptable that a web browser (in Desktop mode) can successfully authenticate a session while the native Teams app on the same device remains stuck with stale tokens and cached AADSTS90023 errors.

 

As someone who designs low-level architectural specifications (DREL), I find the lack of interoperability and the "black box" nature of these errors (like AADSTS90023) to be a significant step backward for professional productivity.

 

I hope this feedback reaches someone who prioritizes user flow over bureaucratic security layers.

 

Best regards,

 

Milan Lakatoš Petrović
Systems Engineer & Freelance Programmer