MFA - authentication failing to work

Contributor

We've got an issue where authentication suddenly stops working (seems to affect any methods registered for affected users). When they try to authenticate they get the message that 'Your sign-in was successful, but does not meet the criteria to access the resource'. No changes have been made to the MFA policies, and many of these users / devices have been authenticating with no problem for many months.

 

I have found that deleting all the MFA methods for the user in Azure AD and getting them to re-register seems to work (in the case of one user, it failed again after a few days and required the same treatment again). Has anyone come across this issue? Can't currently see any clear cause - and given that re-enrolling the authentication device always works, it would appear not to be an issue with the MFA policies.

 

Thanks

6 Replies
This is most likely happening due to conditional access policies being introduced. If not CA, someone could possibly have turned on Security defaults.

https://learn.microsoft.com/en-us/azure/active-directory/fundamentals/concept-fundamentals-security-...
Thanks, but I'm 99% sure there have been no new policies or changes to the settings - only two of us are sysadmins and we are sure that we've not touched those settings for months.

Unless MS has introduced some changes and enabled them by default?
Thanks - have checked now and they are not enabled.

Perhaps a support ticket here.. I noticed I cannot even access my security info right now, looping over and over. Even when turning all my policies off.

I've had a ticket open for a few days - Microsoft are not being very helpful!