How to Reset MFA with or without Microsoft 365 Admin?

Today, MFA is an essential part of almost all online platforms, such as Microsoft 365, Google Workspace, Zoho Workplace, and more. This is an additional layer of security protection added to your login to verify account ownership. Whether you're an administrator, user, or member of an organization, enabling MFA is often required as part of your security policy. But how do you reset MFA in Office 365 when you've already enabled it?

In this post, we'll cover all the scenarios involved in resetting multi-factor authentication in Office 365.

Why you need to Reset MFA in Microsoft 365?

There are several reasons to reset MFA in an M365 account:

1. The organization or user wants to change authentication methods. As we know, Microsoft has different MFA methods: SMS, Phone App, Passkeys, etc.
2. Your phone is lost, stolen, or replaced.
3. Reinstalling the Microsoft Authenticator app.
4. You continue to use your account without completing MFA verification.
5. If an employee changes roles, they may need to add a new authentication method, implement necessary security policies, and transfer ownership.

Other concerns like suspicious activity, account locked, etc.

Read: How to Remove Domain from Office 365

Condition 1: Reset MFA with Microsoft 365 Admin access

If you have admin access, then you can do it easily and efficiently without having any trouble. Admin can reset multi-factor authentication in different ways:

Method A – Use Microsoft 365 Admin Center

Reseting or Changing MFA using Microsoft Admin Center is now closed. It will not work as MFA management is official moved to Entra admin center. However if you are still using classic interface  then you may follow this method.

• Login to your M365 admin center and click on Users
• Select Active Users
• Choose all affected user account
• Click on Manage multifactor authentication
• Select the user again
• Choose: Require re-register MFA option

Method B – Reset MFA Using Entra Admin Center

This is an official steps to reset MFA in Office 365. 

• First login to Microsoft Entra admin center and go to users.
• Click all user
• Click on the user in which you want to reset MFA.
• Go to Authentication method
• Click on "Require Re-register multifactor authentication"
• Click on Ok button.

That's it.

Now when the users will get the prompt to set up MFA in next login.

Method C – Remove Authentication Manually

If user does not have access their old phone due to lost, stolen or changing then admin can directly remove it from the account.

Go to users then All user

Choose user and go to Authentication method

Now click on three dots (...) and remove all registered methods like Microsoft authenticator, Phone number, etc.

Click on Delete to remove it.

Now when a user login again they will be prompted to setup new MFA.

Method D – Reset MFA using PowerShell

PowerShell method is also requiring admin access to reset MFA in O365.

Connect-MgGraph -Scopes "UserAuthenticationMethod.ReadWrite.All"

Get-MgUserAuthenticationMethod -UserId user@domain.com

Remove-MgUserAuthenticationMethod -UserId user@domain.com -AuthenticationMethodId <ID>

Read: Create Distribution list in Office 365

Condition 2 – Reset MFA without Microsoft 365 Admin access

You don't have admin rights then there are some ways to reset Multi-factor authentication.

Method A – Use another MFA method

If you have added multiple authentication method then you can use it to access your account and remove old methods.

• Login to your Microsoft 365 account
• Go to security and find sign in option
• Click update or add new authentication method
• Remove old device.

Method B – Lost or Stolen Phone

If you have lost your phone, then you can never access your account easily. You must contact M365 admin to reset your MFA registration. Because there is no user-side bypass for security reasons.

Method C – Admin account Locked Outlook

In most organizations, multiple admin and global admin accounts are assigned to manage workload. So, if your admin account becomes locked but still have Global admin access then you also reset all accounts MFA. Also, it is strongly recommended to keep more than 2 Global admin access in Organization.

However, if you don't have access any global administrator then you must contact Microsoft support. They will help you to regain access by verifying the domain ownership.

Conclusion

This post helps users understand the step-by-step process of resetting MFA in Office 365 or Microsoft 365. There are several ways to reset multifactor authentication without any technical difficulties. Any user with or without admin access can follow the possible setups above. If you found this post helpful, please share it with others.