There are some common two-step verification problems that seem to happen more frequently than any of us would like. We've put together this article to describe fixes for the most common problems.
Your Azure Active Directory (Azure AD) organization can turn on two-step verification for your account. When two-step verification is on, your account sign-in requires a combination of the following data:
-
Your user name
-
Your password
-
A mobile device or phone
Two-step verification is more secure than just a password, because two-step verification requires something youknowplus something youhave. No hacker has your physical phone.
Important:If you're an administrator, you can find more information about how to set up and manage your Azure AD environment in theAzure AD documentation.
This content can help you with your work or school account, which is the account provided to you by your organization (for example, dritan@contoso.com). If you're having problems with two-step verification on a personal Microsoft account, which is an account that you set up for yourself (for example, danielle@outlook.com), seeTurning two-stepverification on or off for your Microsoft account.
I don't have my mobile device with me
It happens. You left your mobile device at home, and now you can't use your phone to verify who you are. Maybe you previously added an alternative method to sign in to your account, such as through your office phone. If so, you can use this alternative method now. If you never added an alternative verification method, you can contact your organization's Help desk for assistance.
-
Sign in to your account but select theSign in another waylink on theTwo-factor verificationpage.
-
If you don't see theSign in another waylink, it means that you haven't set up any other verification methods. You'll have to contact your administrator for help signing into your account.
-
Choose your alternative verification method, and continue with the two-step verification process.
I can't turn two-step verification off
-
If you're using two-step verification with a personal account for a Microsoft service, like alain@outlook.com, you canturn the feature on and off.
-
If you're using two-step verification with your work or school account, it most likely means that your organization has decided you must use this added security feature. There is no way for you to individually turn it off.
-
If you can't turn off two-stepverification, it could also be because of the security defaults that have been applied at the organization level. For more information about security defaults, seeWhat are security defaults?
(Video) STOP using this Two-Factor Authentication (2FA) method!
My device was lost or stolen
If you've lost or had your mobile device stolen, you can take either of the following actions:
-
Sign in using a different method.
-
Ask your organization's Help desk to clear your settings.
We strongly recommend letting your organization's Help desk know if your phone was lost or stolen. The Help desk can make the appropriate updates to your account. After your settings are cleared, you'll be prompted toregister for two-factor verificationthe next time you sign in.
I can't sign in after multiple attempts
Azure MFA detects unusual activity like repeated sign-in attempts, and may prevent additional attempts to counter security threats. If you've mistakenly made many sign-in attempts, wait until you can try again, or use a different MFA method for sign-in. If you suspect someone else is trying to access your account, contact your administrator. The error could be caused by malicious activity, misconfigured MFA settings, or other factors. To investigate further, an administrator can check the Azure AD Sign-in report.
I'm not receiving the verification code sent to my mobile device
Not receiving your verification code is a common problem. The problem is typically related to your mobile device and its settings. Here are some suggestions that you can try.
| Suggestion | Guidance |
| Use the Microsoft authenticator app or Verification codes | You are getting “You've hit our limit on verification calls” or “You’ve hit our limit on text verification codes” error messages during sign-in. Microsoft may limit repeated authentication attempts that are perform by the same user in a short period of time. This limitation does not apply to the Microsoft Authenticator or verification code. If you have hit these limits, you can use the Authenticator App, verification code or try to sign in again in a few minutes. You are getting "Sorry, we're having trouble verifying your account" error message during sign-in. Microsoft may limit or block voice or SMS authentication attempts that are performed by the same user, phone number, or organization due to high number of failed voice or SMS authentication attempts. If you are experiencing this error, you can try another method, such as Authenticator App or verification code, or reach out to your admin for support. |
| Restart your mobile device | Sometimes your device just needs a refresh. When you restart your device, all background processes and services are ended. The restart also shuts down the core components of your device. Any service or component is refreshed when you restart your device. |
| Verify that your security information is correct | Make sure your security verification method information is accurate, especially your phone numbers. If you put in the wrong phone number, all of your alerts will go to that incorrect number. Fortunately, that user won't be able to do anything with the alerts, but it also won't help you sign in to your account. To make sure your information is correct, see the instructions in theManage your two-factor verification method settingsarticle. |
| Verify that your notifications are turned on | Make sure your mobile device has notifications turned on. Ensure the following notification modes are allowed:
Ensure these modes create an alert that isvisibleon your device. |
| Make sure you have a device signal and Internet connection | Make sure your phone calls and text messages are getting through to your mobile device. Have a friend call you and send you a text message to make sure you receive both. If you don't receive the call or text, first check to make sure your mobile device is turned on. If your device is turned on, but you're still not receiving the call or text, there's probably a problem with your network. You'll need to talk to your provider. If you often have signal-related problems, we recommend you install and use theMicrosoft Authenticator appon your mobile device. The authenticator app can generate random security codes for sign-in, without requiring any cell signal or Internet connection. |
| Turn off Do not disturb | Make sure you haven't turned on theDo not disturbfeature for your mobile device. When this feature is turned on, notifications aren't allowed to alert you on your mobile device. Refer to your mobile device's manual for instructions about how to turn off this feature. |
| Unblock phone numbers | In the United States, voice calls from Microsoft come from the following numbers: +1 (866) 539 4191, +1 (855) 330 8653, and +1 (877) 668 6536. |
| Check your battery-related settings | If you set your battery optimization to stop less frequently used apps from remaining active in the background, your notification system has probably been affected. Try turning off battery optimization for both your authentication app and your messaging app. Then try to sign in to your account again. |
| Disable third-party security apps | Some phone security apps block text messages and phone calls from annoying unknown callers. A security app might prevent your phone from receiving the verification code. Try disabling any third-party security apps on your phone, and then request that another verification code be sent. |
I'm not being prompted for my second verification information
You sign in to your work or school account by using your user name and password. Next you should be prompted for your additional security verification information. If you are not prompted, maybe you haven't yet set up your device. Your mobile device must be set up to work with your specific additional security verification method.
Maybe you haven't set up your device yet. Your mobile device has to be set up to work with your specific additional security verification method. For the steps to make your mobile device available to use with your verification method, seeManage your two-factor verification method settings. If you know that you haven't set up your device or your account yet, you can follow the steps in theSet up my account for two-step verificationarticle.
I have a new phone number and I want to add it
If you have a new phone number, you'll need to update your security verification method details. This enables your verification prompts to go to the right location. To update your verification method, follow the steps in theAdd or change your phone numbersection of theManage your two-factor verification method settingsarticle.
I have a new mobile device and I want to add it
If you have a new mobile device, you'll need to set it up to work with two-factor verification. This is a multi-step solution:
-
Set up your device to work with your account by following the steps in theSet up my account for two-step verificationarticle.
-
Update your account and device information in theAdditional security verificationpage. Perform the update by deleting your old device and adding your new one. For more information, see theManage your two-factor verification method settingsarticle.
Optional steps:
-
Install the Microsoft Authenticator app on your mobile device by following the steps in theDownload and install the Microsoft Authenticator apparticle.
-
Turn on two-factor verification for your trusted devices by following the steps in theTurn on two-factor verificationprompts on a trusted devicesection of theManage your two-factor verification method settingsarticle.
I'm having problems signing in on my mobile device while traveling
You might find it more difficult to use a mobile device-related verification method, like a text messaging, while you're in an international location. It's also possible that your mobile device can cause you to incur roaming charges. For this situation, we recommend you use the Microsoft Authenticator app, with the option to connect to a Wi-Fi hot spot. For more information about how to set up the Microsoft Authenticator app on your mobile device, see theDownload and install the Microsoft Authenticator apparticle.
I can't get my app passwords to work
App passwords replace your normal password for older desktop applications that don't support two-factor verification. First, make sure you typed the password correctly. If that doesn't fix it, try creating a new app password for the app. Do this by creating theapp passwords using the My Apps portalas described inManage app passwords for two-step verification.
I didn't find an answer to my problem
If you've tried these steps but are still running into problems, contact your organization's Help desk for assistance.
Tip:If you're a small business owner looking for more information on how to get Microsoft 365 set up, visit .
Recommended articles
Manage your two-factor verification method and settings
Turning two-step verification on or off for your Microsoft account
Set up password reset verification for a work or school account
Install and use the Microsoft Authenticator app
Check that Windows is activated
FAQs
What is the problem with two step verification? ›
Criminals can call users and pose as banks or trusted agents and ask to confirm the passcode that was sent to them, or provide links to spoofed websites through phishing attacks. They can also pose as users and contact cell phone carriers in an attempt to carry out a SIM cloning attack.
How reliable is 2 step verification? ›When Faced With the Question, Is 2-Step Verification Safe? The answer is a sure yes. However, it is not foolproof. There should be additional measures to further prevent hackers from infiltrating the user's accounts.
Why is Authenticator not working? ›If your Google Authenticator app is not working, either on Android or iPhone, there may be a glitch with the time sync. Fortunately, it's easy to fix this if Google Authenticator has stopped working. Here's how. All you have to do is make sure your Google Authenticator app's time is synced correctly.
What is the security issue of 2 factor authentication? ›SIM Hacking
The most critical vulnerability in 2FA is the ability to hack the SIM card in a mobile device. A cybercriminal who hacks the user's SIM card is able to access the recipient's phone number used for two-factor authentication, allowing them to receive the OTP and gain access to the user's account.
“Just by enabling two-factor authentication, you can't relax…a smart attacker could get access to your account,” Mitnick said in an interview with CNBC. He is the chief hacking officer at KnowBe4, a cybersecurity company that trains people to spot phishing, or spoofed emails.
What are the pros and cons of using two-factor authentication? ›The main advantage of two-factor authentication is the increased login security. As for the shortcomings, the main two being the increase in the time of entry into the system and the risk of losing the physical media serving to pass one of the authentication steps (mobile phone, U2F key, OTP-token).
What is better than 2 step verification? ›Multi-Factor Authentication: A Step Beyond
First: All other things being equal, MFA is always more secure than 2FA.
To use two-factor authentication, you need at least one trusted phone number on file where you can receive verification codes. If you have a phone number that isn't associated with your trusted device, consider verifying it as an additional trusted phone number.
Why does it keep saying my verification code is incorrect? ›The most common cause for "Incorrect Code" errors is that the time on your device is not synced correctly. To make sure that you have the correct time in your Google Authenticator app, follow the instructions for your operating system below. On Android: Go to the Main Menu on the Google Authenticator app.
Why am I not getting my 2 step verification code? ›Disable any apps filtering or interfering with incoming SMS messages. Restart your phone and try resending the 2SV code. Verify that your device has notifications turned on. Turn off Do not disturb.
What happens to 2 step verification if I lost my phone? ›
If your lost phone has Google Authenticator on it, you need to secure your accounts connected to the app by logging in with an alternate method, and resetting the 2FA settings. You should also erase your phone remotely if possible. You can then add Google Authenticator to a new phone and re-link it to your accounts.
What is two-factor authentication weakness? ›Potential downsides to two-factor authentication
It still, however, has some downsides. These include: Increased login time – Users must go through an extra step to login into an application, adding time to the login process.
If you have already set up two-factor authentication and cannot access the authentication code on your mobile device, you will need to ask your user manager or administrator to contact our support team to reset your account security. You will need to set up your account security with a different mobile device.
How will I know if my account has been hacked? ›You get signed out of your online accounts (social media, email, online banking, etc.), or you try to log in and discover your passwords don't work anymore. You receive emails or text messages about login attempts, password resets, or two-factor authentication (2FA) codes that you didn't request.
How do I clear my two step verification? ›- On your Android phone or tablet, open your device's Settings app Google. Manage your Google Account.
- At the top, tap Security.
- Under "Signing in to Google," tap 2-Step Verification. You might need to sign in.
- Tap Turn off.
- Confirm by tapping Turn off.
Go to Security settings and sign in with your Microsoft account. Under the Two-step verification section, choose Set up two-step verification to turn it on, or choose Turn off two-step verification to turn it off.
What is the strongest form of two-factor authentication? ›FIDO U2F is the most secure form of 2FA that prevents against password cracking, man-in-the-middle, and phishing attacks. Learn more about FIDO U2F here. There are many forms of 2FA, some of which are stronger than others.
What are the two key things of two-factor authentication? ›Two-factor authentication methods rely on a user providing a password as the first factor and a second, different factor -- usually either a security token or a biometric factor, such as a fingerprint or facial scan.
Which is the least secure 2 step verification method? ›SMS-based two-factor authentication
Unfortunately, it's also the worst way. SMS-based 2FA is easy and convenient. It's also not very secure.
SOCIAL CLUB 2-STEP VERIFICATION BONUS
Everyone that adds 2-Step Verification to their Social Club account (and anyone who already has) will receive: GTA$500,000 in your GTA Online account. 10 Gold Bars in your Red Dead Online Beta account. Additional future benefits in both GTA Online and the Red Dead Online Beta.
Which is more secure account key or two step verification? ›
Security keys are a more secure second step. If you have other second steps set up, use your security key to sign in whenever possible. If a security key doesn't work on your device or browser, you might see an option to sign in with a code or prompt instead.
What are the two most commonly used authentication factors in multifactor authentication? ›Authentication using two or more factors to achieve authentication. Factors include: (i) something you know (e.g. password/personal identification number (PIN)); (ii) something you have (e.g., cryptographic identification device, token); or (iii) something you are (e.g., biometric). See authenticator.
Can I opt out of 2-step verification? ›Open your Google Account. In the "Security" section, select 2-Step Verification. You might need to sign in. Select Turn off.
Can I refuse Google two step verification? ›- On your Android phone or tablet, open your device's Settings app Google. Manage your Google Account.
- At the top, tap Security.
- Under "Signing in to Google," tap 2-Step Verification. You might need to sign in.
- Tap Turn off.
- Confirm by tapping Turn off.
Without setting up 2-step verification, hackers could get into your account if they figured out your password. With 2-step verification enabled, they would need the password and physical control of your phone, your wallet or purse, or your actual computer.
Why can't I turn off two-factor authentication? ›If you're already using two-factor authentication with your Apple ID, you can't turn it off. If you updated to two-factor authentication inadvertently, you can turn it off within two weeks of enrollment. If you do, your account is less secure and you can't use features that require a higher level of security.
How do I turn off 2-step verification without signing in? ›First off, go to Settings and Privacy > Settings > Security and Login > Two-factor authentication on your browser-based Facebook account. You'll find a list of your authorized devices where you won't need to use a login code.
How many numbers do you need for Google 2-step verification? ›You must always have at least one phone number available, mobile or land line, to receive a one-time security verification code, and you can add a total of five phone numbers.
How do I enforce Google 2-step verification? ›- Open your Google Account.
- In the navigation panel, select Security.
- Under “Signing in to Google,” select 2-Step Verification. Get started.
- Follow the on-screen steps.
Get a text or phone call
If you don't have a trusted device handy, you can have a verification code sent to your trusted phone number as a text message or phone call.