Someone changed my email but i still have access to my account
My microsoft account got hacked but the hacker didn't change my password, now i'm stuck with this weird email account from russia and dont know what to do... I tried the Recovery form but i tried too many times and now doesn't let me try anymore. What can i do? I'm scared for my account
Microsoft Authenticator Passkeys for Entra ID on unmanaged devices
Hello, has anyone successfully registered passkeys on an unmanaged phone in an organisation with device compliance policies? Use case is to provide a phishing-resistant MFA option via Authenticator app for logging into apps on their desktop. Users already have authenticator app on their phone and do number matching MFA. https://learn.microsoft.com/en-us/entra/identity/authentication/how-to-register-passkey-authenticator?tabs=iOS When I select "Create a passkey" - I need to log into my account. However I'm blocked from successful authentication because I have conditional access policies to require compliant devices. As my mobile phone is not enrolled into Intune, I never get to the step where the passkey is created and registered. Based on the constraints - it seems like passkeys cannot be used for unmanaged/BYOD devices for organisations that have device compliance policies. It can only be used for users who have enrolled their mobile phone. Looking to see if anyone has tips or different experience using passkeys on unmanaged mobile phones to log into Entra?Does MC1189663 Impact Standard Power Automate Approvals?
Hi everyone After reviewing the change described in MC1189663 (retirement of external access tokens for actionable messages), I'm unsure wheter this also affect the out-of-the-box Standard Approval action in Power Automate. My question is specifically about the default "Start and wait for an approval" / "Standard Approval" action with no special configuration. Does this change impact approval emails or actionable messages generated by the Standard Approval action for internal usage (mails to internal accounts), or will those continue to work without modification? Thanks in advance for any clarification.Request to enable preview feature - Face Check with CAP
Dear Microsoft, I am on a business premium plan for my home test tenant. I cannot raise ticket nor do I have an account manager. I know this is in private preview. I would like my tenant to be enabled to test this new Verified ID feature to have "Face Check" in CAP as one of the Grant conditions. tenant id: bc85b508-0107-4472-a49c-fc8cefd4f0d7 Thank you.
Global Secure Access - Conditional Access Require GSA - Android Blocked
Hello all, I am currently working on deploying Global Secure Access client with Microsoft Forward Traffic profile and a conditional access policy to block access to M365 services unless connected through the GSA client. I have this working as I want it for Windows and mobile devices in a tenant we use for development. However, when I set this up at our live tenant, I cannot get the Android device to work. My setup is a Personally Owned Work Profile with the Defender app deployed and configured to enable GSA. I can connect to Global Secure Access and it does show some traffic tunneling to Microsoft. However, when I go to login to another app like Outlook, it blocks the sign-in. This is not the case for an iPhone I have personally enrolled and my Entra Joined laptop. Upon investigation of any differences between our development tenant (working fully) and our tenant (Android not working) I found that in the GSA section under Services, there is an extra service called “Microsoft Entra Channel Access”. This service does not show up when I am logged in our developer tenant. Even on the same phone by removing work profiles and signing in to both tenants, our live tenant shows the new channel, and the developer tenant does not have it. I did some log review with the advanced diagnostics feature and the app and noted a few things I am lead to believe that the issue is with this new Entra Channel that has been deployed to our live tenant and not to our dev tenant yet. When I go to sign-in to the Outlook application in the work profile for the developer tenant, I can see the authentication traffic being tunneled through the Microsoft 365 profile. (login.live.com, login.microsoftonline.com, and aadcdn.msftauth.net). However, in our production tenant when doing the same test I do not see those destinations being tunneled at all. I do see the traffic being collected in the “Hostname” section, but is not being tunneled. Another interesting point with this is that on an iPhone I am testing; I do see the authentication destinations being tunneled through the Entra Channel. Here are the screenshots of my findings. https://imgur.com/a/82r3HQC I have an open Microsoft support case and hoping to get the attention of a Microsoft employee or MVP who may be able to get this in front of the Entra product team to see if this is a bug.Journey to Passwordless Authentication Might Include Some Bumps
Microsoft recommends passwordless authentication to help secure Microsoft 365 tenants. The latest is synced passkeys, something that apparently leads to “syncability,” whatever that might mean. In any case, after some struggles, I managed to enable synched passkeys for my iPhone and then started to consider how to remediate user accounts that are flagged with a high-risk (compromised) status when they can’t simply update their password. https://office365itpros.com/2025/12/04/passwordless-authentication/Microsoft authenticator
Good day. I’d like to ask how to solve a problem with Microsoft Authenticator. A Microsoft Authenticator suddenly appeared on my account out of nowhere, and I can’t remove it because I’ve lost access to the account. Logging in with a password doesn’t work, it can’t send an SMS to my phone, and the account is logged out everywhere. As far as I remember, I never set up Microsoft Authenticator.
Locked out because of bugged 2FA
Hello, I have one irritating problem. I did a reset of my microsoft authenticator app since it stopped working, i did not save the Authenticators security code, i got 2FA activated on my account. Now i have been trying to log in on my microsoft account for one month without succes. The 3 options i have for 2FA is Code to external my gmail - This works 2 times a day, then locked for 24h Code by text to my cellphone - This does not work when trying to log in, i get the error "Try another verification method, this method does not work at the moment". I know it works, its just in the combination with 2FA it wont work. Microsoft Authenticator - I cannot log into this one since the textmessage does not work on 2FA-login. I have been in a loop for the last month, i cant log into my ordinary e-mail, xbox and so on. Im still logged in on my computer and cellphone at the moment but im afraid it will time out very soon. Microsoft support says that they cannot do anything about it, it is only a server doing all the security. I cant remove 2FA on the account im still logged into, i need 2FA for that. Help!
Microsoft Authenticator issues
I’m simply locked out of my personal account because I lost access to my 2FA and the recovery form rejects due to active two-step verification. I’ve tried my verifying email and phone number but it rejects is due the active two step verification. I need manual identity verification or an escalation so my 2FA can be reset. Can you point me to the correct support channel for personal account recovery, because the link you sent is not working
