Microsoft Investigates MFA Setup Failure and MySigns-In Portal Outage
Microsoft is investigating an outage affecting MFA enrollment and the mysignins.microsoft.com portal, potentially blocking users under Conditional Access policies.
Microsoft has confirmed a service disruption that is preventing users from setting up multi-factor authentication (MFA) or accessing the self-service sign-in portal at mysignins.microsoft.com. The issue was first acknowledged by the Microsoft 365 Status account on X (formerly Twitter) on June 1, 2026. Affected organizations have been directed to track incident MO1329260 in the Microsoft 365 Admin Center for updates and remediation guidance. The company has not yet disclosed the root cause or a timeline for resolution.
The outage directly impacts a core security control: the ability for users to enroll in or modify their MFA settings. The mysignins.microsoft.com portal is the primary interface through which end users manage authentication methods, review recent sign-in activity, and configure security info without requiring IT helpdesk intervention. Any disruption to this service can create significant bottlenecks in onboarding workflows, account recovery processes, and enforcement of security policies.
Organizations that enforce Conditional Access policies requiring MFA registration may find new or existing users temporarily locked out of Microsoft 365 services as a downstream effect. Administrators are advised to monitor the incident in the Service Health dashboard and consider temporarily adjusting Conditional Access policies to avoid locking out users who cannot complete MFA setup during the outage. Microsoft has not issued a workaround other than monitoring the official status channel.
This outage comes at a time when Microsoft has been aggressively pushing MFA adoption and tightening authentication policies. In recent months, the company announced that it will require explicitly registered authentication methods for Entra ID Self-Service Password Reset, removing reliance on unverified directory-stored contact information with enforcement starting September 7, 2026. Disruptions to MFA infrastructure create a tension between security mandates and operational continuity.
Historically, outages affecting core identity services have been relatively rare but carry outsized impact. A similar incident in 2024 involving Azure Active Directory authentication temporarily blocked admin access across multiple tenants. Microsoft typically publishes post-incident reviews for significant service disruptions, which will be made available through the Admin Center after resolution.
For now, security teams should document affected users, prioritize MFA re-enrollment once the service is restored, and maintain communication with the Microsoft 365 Status account for real-time updates. The incident is a reminder that even well-architected identity platforms can experience fragility at the service layer, and that relying solely on cloud-based authentication controls without fallback procedures can introduce risk.
Microsoft has now officially confirmed the outage, acknowledging that customers are unable to configure MFA or access the My Sign-Ins platform. The company is actively investigating the root cause but has not yet provided an estimated time for resolution. The incident affects a core security feature relied upon by millions of users, potentially blocking those under Conditional Access policies from signing in.