MFA locked out of acount

%3CLINGO-SUB%20id%3D%22lingo-sub-1889909%22%20slang%3D%22en-US%22%3EMFA%20locked%20out%20of%20acount%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1889909%22%20slang%3D%22en-US%22%3E%3CP%3ESo%20I%20recently%20helped%20someone%20from%20an%20other%20organisation%20(npo)%20which%20is%20just%20starting%20up.%20We%20submitted%20for%20the%20NPO%20program%20of%20MS.%20He%20already%20had%20a%20mailbox%20on%20the%20organisation's%20domain%20name%20in%20G%20Suite%2C%20we%20added%20the%20same%20account%20in%20the%20admin%20portal.%20He%20did%20set%20up%20MFA%20as%20suggested%20by%20MS.%20Couple%20of%20weeks%20later%2C%20NPO-submission%20has%20been%20approved%20and%20I%20assigned%20a%20M365%20license%20to%20him.%20When%20he%20wanted%20to%20login%20in%20his%20browser%20he%20realized%20he%20did%20not%20transfer%20the%20Authenticator%20app%20to%20his%20new%20phone.%20He%20tried%20installing%20this%20and%20logging%20in%20to%20his%20account%20but%20this%20didn't%20seem%20to%20work.%20He%20kept%20getting%20the%20pop-up%20to%20approve%20in%20the%20app.%3CBR%20%2F%3EThe%20admin%20center%20doesn't%20state%20MFA%20is%20turned%20on%20for%20this%20account%20so%20I%20can't%20reset%20this...%20I%20tried%20turning%20it%20on%20and%20off%20but%20still%20no%20change.%20The%20only%20options%20to%20login%20are%20the%20pop-up%20in%20the%20app%20or%20the%20code%20in%20the%20app.%20(see%20picture%20below)%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3E%3CSPAN%20class%3D%22lia-inline-image-display-wrapper%20lia-image-align-inline%22%20image-alt%3D%22wo_kn_0-1605519361603.png%22%20style%3D%22width%3A%20400px%3B%22%3E%3CIMG%20src%3D%22https%3A%2F%2Ftechcommunity.microsoft.com%2Ft5%2Fimage%2Fserverpage%2Fimage-id%2F233710i730FE840390EB18B%2Fimage-size%2Fmedium%3Fv%3D1.0%26amp%3Bpx%3D400%22%20role%3D%22button%22%20title%3D%22wo_kn_0-1605519361603.png%22%20alt%3D%22wo_kn_0-1605519361603.png%22%20%2F%3E%3C%2FSPAN%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAnyone%20have%20any%20idea%20what%20to%20do%20here%3F%3CBR%20%2F%3EThere%20doesn't%20seem%20to%20be%20any%20way%20to%20reset%20this...%3C%2FP%3E%3C%2FLINGO-BODY%3E%3CLINGO-LABS%20id%3D%22lingo-labs-1889909%22%20slang%3D%22en-US%22%3E%3CLINGO-LABEL%3EMicrosoft%20365%3C%2FLINGO-LABEL%3E%3C%2FLINGO-LABS%3E%3CLINGO-SUB%20id%3D%22lingo-sub-1890259%22%20slang%3D%22en-US%22%3ERe%3A%20MFA%20locked%20out%20of%20acount%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-1890259%22%20slang%3D%22en-US%22%3Edon't%20you%20will%20lock%20yourself.%3C%2FLINGO-BODY%3E
Occasional Contributor

So I recently helped someone from an other organisation (npo) which is just starting up. We submitted for the NPO program of MS. He already had a mailbox on the organisation's domain name in G Suite, we added the same account in the admin portal. He did set up MFA as suggested by MS. Couple of weeks later, NPO-submission has been approved and I assigned a M365 license to him. When he wanted to login in his browser he realized he did not transfer the Authenticator app to his new phone. He tried installing this and logging in to his account but this didn't seem to work. He kept getting the pop-up to approve in the app.
The admin center doesn't state MFA is turned on for this account so I can't reset this... I tried turning it on and off but still no change. The only options to login are the pop-up in the app or the code in the app. (see picture below)

 

wo_kn_0-1605519361603.png

 

Anyone have any idea what to do here?
There doesn't seem to be any way to reset this...

3 Replies
don't you will lock yourself.

@Josiah_wandera What should I do then? :suprised:

Go to the Azure AD blade > Users > find the user > Authentication methods > Require re-register MFA.