- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe to Topic
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
MFA from Microsoft 2 Factor Authentication stopped working - No backup
Hello Microsoft!
We are CSP partners and recently I restored my main phone to the default settings.
I recovered the accounts registered before but lost access / notifications to our CSP admin account.
The result is: We have no way to access the CSP / Partner portal, always in the business login Microsoft asks for a code in the Authenticator app but no notification is received on my phone, on my phone after tried to restore the backup, the account in question is "Action Required" asking for QR-Code / URL...
Please help us to recover the account, I'm logging in on this forum with the personal account registered on the same e-mail of the CSP admin account.
Thanks,
Best Regards,
Michel.
Solved! Go to Solution.
- Labels:
-
CSP
- Mark as New
- Bookmark
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Actually you should be forced to do MFA for any AzureAD sign-in in this tenant, not only Partner Center - at least if you configured this in a compliant manner for CSP Partners.
Anyway - If you do not have another admin account that can log in to the Azure Portal to reset your MFA registration info for the affected user, contact support using this method: https://aka.ms/AzurePortalHelp
Also you might want to check if when the MFA prompt appears there is an option in the dialogue that allows to choose another verification form such as phone/SMS - if you registered those before.
As best practice for the future you should always have an additional emergency account for administration that you can use for recovery. This emergency admin account also needs to have MFA enabled if this tenant is used for CSP, so it is important that you register multiple MFA options, such as multiple apps and at least one phone number. Configuring multiple MFA options should also be best practice for any admin. And MS authenticator also provides a way to backup the configuration so you can recover this after phone replacement.
Receive consultations via Technical Presales and Deployment Services team
- Mark as New
- Bookmark
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Actually you should be forced to do MFA for any AzureAD sign-in in this tenant, not only Partner Center - at least if you configured this in a compliant manner for CSP Partners.
Anyway - If you do not have another admin account that can log in to the Azure Portal to reset your MFA registration info for the affected user, contact support using this method: https://aka.ms/AzurePortalHelp
Also you might want to check if when the MFA prompt appears there is an option in the dialogue that allows to choose another verification form such as phone/SMS - if you registered those before.
As best practice for the future you should always have an additional emergency account for administration that you can use for recovery. This emergency admin account also needs to have MFA enabled if this tenant is used for CSP, so it is important that you register multiple MFA options, such as multiple apps and at least one phone number. Configuring multiple MFA options should also be best practice for any admin. And MS authenticator also provides a way to backup the configuration so you can recover this after phone replacement.
Receive consultations via Technical Presales and Deployment Services team
- Mark as New
- Bookmark
- Subscribe
- Mute
- Permalink
- Report Inappropriate Content
Hello Janosch, thanks for the fast reply.
I opened a ticket case on https://aka.ms/AzurePortalHelp - Phone authentication is not working (I receive a call with an error at the end)..
I hope Microsoft can help me after the ticket movement.
Best Regards,
Michel.
