Microsoft has confirmed an outage that affected its multi-factor authentication (MFA) system, causing service disruptions for users attempting to access Microsoft 365 applications.
The issue, identified early on January 13, prevented some customers from logging into their accounts due to MFA failures. It has now been resolved.
Impact and Resolution
According to Microsoft, the disruption primarily impacted users who authenticate with MFA while accessing Microsoft 365 Office apps. Some users have also reported difficulties with MFA registration and reset processes. The company had initially redirected traffic to alternate infrastructure, restoring service availability while investigating the root cause.
“We’re investigating an issue in which Multi-Factor Authentication (MFA) may prevent users from accessing some Microsoft 365 (M365) Apps. We’ve redirected affected traffic and service availability is improving,” the company wrote on X (formerly Twitter) at 10:33 am GMT.
We're investigating an issue in which Multi-Factor Authentication (MFA) may prevent users from accessing some Microsoft 365 (M365) Apps. We've redirected affected traffic and service availability is improving. Please see OP978247 within the admin center for more information.
— Microsoft 365 Status (@MSFT365Status) January 13, 2025
Service availability has since shown signs of further improvement, with Microsoft declaring the issue resolved after extended stable health monitoring.
“After an extended period of monitoring, we’ve determined service availability is restored and the issue is resolved. For more information, please see OP978247 within the admin center,” the tech giant wrote at 12:05 pm GMT.
Importance of MFA and Security Measures
This outage highlights the critical role of MFA in securing user accounts.
- MFA provides an additional layer of security by requiring multiple forms of verification to access an account
- Microsoft has been increasing its enforcement of MFA, with plans to make it mandatory for all administrators accessing the Microsoft 365 admin center starting February 3 2025
- Despite its effectiveness in blocking over 99% of identity-based attacks, MFA systems can still experience technical issues
To keep MFA systems safe, security experts recommend maintaining contingency plans, implementing alternative authentication methods, increasing activity monitoring and regularly reviewing MFA configurations.
Image credit: gguy / Shutterstock.com