The loop happens because the account currently has Microsoft Authenticator set as the only or primary verification method, and there is no other active method (phone, email, security key, etc.) that can be used to prove identity when trying to add Authenticator again.
To break out of this loop, an alternative sign-in or an admin reset is required. The exact path depends on whether this is a personal Microsoft account or a work/school (Microsoft Entra / Microsoft 365) account.
1. If this is a work or school (business) account
In a business/organization scenario, the fix is for an administrator to reset the MFA registration so that new methods (including Authenticator) can be set up from scratch.
Steps for the organization’s admin:
- Go to Microsoft Entra admin center: https://entra.microsoft.com
- Navigate to Users → All users and select the affected user.
- Open Authentication methods.
- Select Require re-register multifactor authentication.
- Confirm the change.
Result: The next time the user signs in, the account will prompt to set up MFA again and will show a fresh QR code for Microsoft Authenticator, instead of asking for a code from the already-registered (but inaccessible) app.
If the affected user is not an admin:
- Contact the organization’s Microsoft 365/Entra admin and ask them to reset MFA as above.
If the affected user is the only admin in the tenant:
- A support case with Microsoft is required so the Data Protection team can verify identity and reset access. This is done by calling the regional Microsoft support number listed under Customer service phone numbers - Microsoft Support and asking for help with MFA reset for the only global admin.
2. If this is a personal Microsoft account (Outlook.com, Hotmail, Live, etc.)
For personal accounts, Authenticator is just one of several possible verification methods. To avoid the loop, another method must be used or added first, then Authenticator can be reconfigured.
General pattern:
- Sign in to the Microsoft account Security page: https://account.microsoft.com/security.
- Select Manage how I sign in to view existing sign-in and verification methods.
- If any alternative method exists (SMS, email, security key), use that to verify identity.
- Once signed in and verified with the alternative method, add Authenticator again:
  - Select Add a new way to sign in or verify.
  - Choose Use an app.
  - If Authenticator is not installed, select Get it now.
  - If it is installed, select Set up a different Authenticator app, then Next to display the QR code.
  - On the phone, open Authenticator, tap +, choose Personal account, then Scan a QR code and scan the code shown on the PC.
If no alternative method is available and Authenticator is the only method on the account, self-service recovery will not work and Microsoft account recovery/support must be used to regain access before Authenticator can be re-added.
3. After access is restored: avoid the loop in future
Once access is back and Authenticator is working again, add at least one backup method so that losing the phone does not cause the same loop:
- Go to Security → Manage how I sign in.
- Add a phone number, alternate email, or security key as additional verification methods.
- Optionally, enable Two-step verification so Authenticator (or other methods) are used every time:
  - In the Security page, scroll to Two-step verification and turn it On.
  - Follow the prompts; a QR code will be shown for Authenticator as part of setup.
For maximum convenience and security on personal accounts, Authenticator can also be set as the passwordless sign-in method:
- On the Security page, select Manage how I sign in.
- Scroll to Passwordless account and turn it On.
- Follow the prompts and approve the request in Authenticator.
This setup still requires at least one backup method so that Authenticator is not the only way to prove identity.
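For a work or school tenant, the same backup-method check can be run across all users before anyone loses a phone. The following is an added example, not part of the original answer: it reads a constructed sample shaped like the Microsoft Graph `reports/authenticationMethods/userRegistrationDetails` response, and it assumes that `softwareOneTimePasscode` lives on the same phone and that `isAdmin` identifies the tenant's admins.

```python
import json

# Methods that live in the authenticator app on the phone. Treating
# softwareOneTimePasscode as phone-bound is an assumption of this example.
APP_BOUND = {
    "microsoftAuthenticatorPush",
    "microsoftAuthenticatorPasswordless",
    "softwareOneTimePasscode",
}

# Constructed sample shaped like a Microsoft Graph
# reports/authenticationMethods/userRegistrationDetails response.
SAMPLE_REPORT = json.loads("""
{"value": [
 {"userPrincipalName": "alice@contoso.example", "isAdmin": true,
  "methodsRegistered": ["microsoftAuthenticatorPush", "softwareOneTimePasscode"]},
 {"userPrincipalName": "bob@contoso.example", "isAdmin": false,
  "methodsRegistered": ["microsoftAuthenticatorPush", "mobilePhone"]},
 {"userPrincipalName": "carol@contoso.example", "isAdmin": false,
  "methodsRegistered": ["softwareOneTimePasscode"]},
 {"userPrincipalName": "dave@contoso.example", "isAdmin": false,
  "methodsRegistered": []}
]}
""")


def lockout_risks(report):
    """Return {upn: recovery_path} for accounts with no method outside the app."""
    users = report.get("value", [])
    admins = [u for u in users if u.get("isAdmin")]
    findings = {}
    for user in users:
        methods = set(user.get("methodsRegistered") or [])
        if not methods or not methods <= APP_BOUND:
            continue  # nothing registered, or a backup method exists
        if user.get("isAdmin") and len(admins) == 1:
            # Nobody else can reset this account from inside the tenant.
            path = "sole admin: Microsoft support case"
        else:
            path = "admin reset: require re-register MFA"
        findings[user["userPrincipalName"]] = path
    return findings


if __name__ == "__main__":
    for upn, path in lockout_risks(SAMPLE_REPORT).items():
        print(f"{upn}: app-only registration -> {path}")
```

Each account it reports should get a phone number, alternate email, or security key registered while the user can still sign in.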