Sole Microsoft 365 Admin Locked Out After Phone Replacement / Lost MFA Device
I am the sole admin for a Microsoft 365 tenant and I am currently locked out after replacing my phone. The old phone was wiped before Microsoft Authenticator was fully re-registered on the new device. Authenticator was the only MFA method configured on the account. Current situation: password is known, Teams desktop sessions are still active, Authenticator cloud backup restored successfully, but all Microsoft security and admin pages still require approval from the old Authenticator registration. I cannot access Security Info, Entra Admin, or Microsoft 365 Admin Center because every path loops back to the dead MFA registration. I have already attempted Microsoft business support phone lines, Authenticator restore and recovery, and existing desktop sessions, but support queues are disconnecting and I cannot open business support tickets because the admin account itself is MFA locked. Tenant: lowepfg.onmicrosoft.com What is the fastest recovery or escalation path to force MFA reset or re-register Microsoft Authenticator for the tenant admin account?Microsoft 365 Security Best Practices for Enterprises
In today’s digital-first workplace, Microsoft 365 has become the backbone of enterprise productivity. From email and file storage to collaboration tools like Teams and SharePoint, it centralizes critical business operations. But with this convenience comes a growing attack surface. Cyber threats are evolving rapidly, and enterprises can no longer rely on default security settings alone. A proactive, layered approach to Microsoft 365 security is essential. https://dellenny.com/microsoft-365-security-best-practices-for-enterprises/
Bitlocker locking me out of laptop computer
I tried to start-up my laptop yesterday and I got a blue "Bitlocker" screen come up and it is asking for a recovery key. It notes the reason "..because Secure Boot policy has changed." I never installed Bitlocker, or set-up. Frankly, I never heard of it. I checked my microsoft log in and there was no bitlocker recovery key in there either. I haven't made any changes to the computer recently. Computer is an HP Envy with solid state drive I believe I am at a loss as to how to deal with this without loosing my data. I spoke to three computer guys and they were not familiar with the Bitlocker. Any assistance would be greatly appreciated.I built a free, open-source M365 security assessment tool - looking for feedback
I work as an IT consultant, and a good chunk of my time is spent assessing Microsoft 365 environments for small and mid-sized businesses. Every engagement started the same way: connect to five different PowerShell modules, run dozens of commands across Entra ID, Exchange Online, Defender, SharePoint, and Teams, manually compare each setting against CIS benchmarks, then spend hours assembling everything into a report the client could actually read. The tools that automate this either cost thousands per year, require standing up Azure infrastructure just to run, or only cover one service area. I wanted something simpler: one command that connects, assesses, and produces a client-ready deliverable. So I built it. What M365 Assess does https://github.com/Daren9m/M365-Assess is a PowerShell-based security assessment tool that runs against a Microsoft 365 tenant and produces a comprehensive set of reports. Here is what you get from a single run: 57 automated security checks aligned to the CIS Microsoft 365 Foundations Benchmark v6.0.1, covering Entra ID, Exchange Online, Defender for Office 365, SharePoint Online, and Teams 12 compliance frameworks mapped simultaneously -- every finding is cross-referenced against NIST 800-53, NIST CSF 2.0, ISO 27001:2022, SOC 2, HIPAA, PCI DSS v4.0.1, CMMC 2.0, CISA SCuBA, and DISA STIG (plus CIS profiles for E3 L1/L2 and E5 L1/L2) 20+ CSV exports covering users, mailboxes, MFA status, admin roles, conditional access policies, mail flow rules, device compliance, and more A self-contained HTML report with an executive summary, severity badges, sortable tables, and a compliance overview dashboard -- no external dependencies, fully base64-encoded, just open it in any browser or email it directly The entire assessment is read-only. It never modifies tenant settings. Only Get-* cmdlets are used. A few things I'm proud of Real-time progress in the console. As the assessment runs, you see each check complete with live status indicators and timing. No staring at a blank terminal wondering if it hung. The HTML report is a single file. Logos, backgrounds, fonts -- everything is embedded. You can email the report as an attachment and it renders perfectly. It supports dark mode (auto-detects system preference), and all tables are sortable by clicking column headers. Compliance framework mapping. This was the feature that took the most work. The compliance overview shows coverage percentages across all 12 frameworks, with drill-down to individual controls. Each finding links back to its CIS control ID and maps to every applicable framework control. Pass/Fail detail tables. Each security check shows the CIS control reference, what was checked, what the expected value is, what the actual value is, and a clear Pass/Fail/Warning status. Findings include remediation descriptions to help prioritize fixes. Quick start If you want to try it out, it takes about 5 minutes to get running: # Install prerequisites (if you don't have them already) Install-Module Microsoft.Graph, ExchangeOnlineManagement -Scope CurrentUser Clone and run git clone https://github.com/Daren9m/M365-Assess.git cd M365-Assess .\Invoke-M365Assessment.ps1 The interactive wizard walks you through selecting assessment sections, entering your tenant ID, and choosing an authentication method (interactive browser login, certificate-based, or pre-existing connections). Results land in a timestamped folder with all CSVs and the HTML report. Requires PowerShell 7.x and runs on Windows (macOS and Linux are experimental -- I would love help testing those platforms). Cloud support M365 Assess works with: Commercial (global) tenants GCC, GCC High, and DoD environments If you work in government cloud, the tool handles the different endpoint URIs automatically. What is next This is actively maintained and I have a roadmap of improvements: More automated checks -- 140 CIS v6.0.1 controls are tracked in the registry, with 57 automated today. Expanding coverage is the top priority. Remediation commands -- PowerShell snippets and portal steps for each finding, so you can fix issues directly from the report. XLSX compliance matrix -- A spreadsheet export for audit teams who need to work in Excel. Standalone report regeneration -- Re-run the report from existing CSV data without re-assessing the tenant. I would love your feedback I have been building this for my own consulting work, but I think it could be useful to the broader community. If you try it, I would genuinely appreciate hearing: What checks should I prioritize next? Which security controls matter most in your environment? What compliance frameworks are most requested by your clients or auditors? How does the report land with non-technical stakeholders? Is the executive summary useful, or does it need work? macOS/Linux users -- does it run? What breaks? I have tested it on macOS, but not extensively. Bug reports, feature requests, and contributions are all welcome on GitHub. Repository: https://github.com/Daren9m/M365-Assess License: MIT (free for commercial and personal use) Runtime: PowerShell 7.x Thanks for reading. Happy to answer any questions in the comments.
My microsoft account got hacked: Need actual support (Not copy and pasted ones)
My account got hacked, i dont know how but im sure 2fa is turned on and hackers still got in. I dont understand why there wasnt any emails about it going through my email that someone logged in in my microsoft account. I had things connected to that account such as school and some game like minecraft. Currently my java minecraft is non existence and is deleted from minecraft forever because i cant find it in namemc, but my xbox gamer tag is still alive so it also confirms that it indeed had an association with my account before. The hacker changed the email of my account that cause my email to be non-existence in the microsoft system. (This is very huge flaw of microsoft, i hope before we do any changes in the account, it is first confirmed in the email address if this email should really be added to that microsoft account) But i do have evidence that it was indeed associated with it before the hacker change the email and its even confirmed by microsoft website, i also got the full email of the hackers email that was used on my account. I tried everything from contacting support to the account recovery form. But nothing works, i tried cursing the fake email of the hacker that was currently occupying my account, but recieved no response. I am in dilema on what to do now, this account has been with me ever since my email was created. I just hoped that i get it back, i could provide evidences. But its been getting ignored apparently.
