Microsoft Office 365 still locks out people who use multifactor authentication, Azure back
Microsoft is working on a problem that prevents multifactor authentication users from logging in.
People are having issues accessing their Microsoft Office 365 accounts.
On Monday, Microsoft customers who use multifactor authentication (MFA) were locked out of their Office 365 accounts. As of right now, it seems like the problem remains. Microsoft's Office 365 status page shows that people may be unable to sign in using MFA, and affected users may be unable to carry out self-service passwords resets.
Two-factor and multifactor authentication involves using an extra step (like a phone number or verification code) in addition to your login credentials. This makes it harder for people to log in to your account if they have your username and password. If you use Office 365 -- Microsoft's subscription to its Office products like Outlook, Word, PowerPoint and Excel -- for work, then MFA is appealing because it gives your account an extra layer of security.
Unfortunately, this extra layer of security is the reason some people are locked out.
According to the status page, the problem was caused by "A recent update to the MFA service introduced a coding issue that prevented users from being able to sign in or carry out self-service password resets when using MFA for authentication." But the status page also says that some people are successfully logging in.
The problem comes at an awkward time. Microsoft on Tuesday activated a new ability to log onto Windows accounts, including Office 365 accounts, with advanced multifactor authentication technology using hardware keys and requiring no password at all.
Microsoft Azure -- the company's cloud computing service -- was experiencing similar issues with MFA on Monday. Now it seems like that issue was resolved.
Microsoft didn't immediately respond to a request for comment.
First published Nov. 19 at 10:10 a.m. PT.
Update, Nov. 20 at 8:35 a.m. PT: Update reflects that Office 365 is still experiencing issues, while Azure seems to be fixed.
9:34 a.m. PT: Adds a reference to Microsoft's effort to move to no-password authentication for Microsoft accounts.
