Updated Microsoft is battling to fix its knackered multi-factor authentication system that today blocked customers from logging into their Microsoft 365 and Azure services.
The Redmond giant confirmed on Friday an unspecified glitch prevented customers in North America from receiving the multi-factor auth (MFA) codes they need to sign into their cloud-based accounts. Obviously, those not using MFA are not affected.
Though Azure and Microsoft 365 MFA users initially were locked out, by mid-day US Pacific Time, Azure was said to be working again, leaving 365 subscribers trying to log in high and dry.
"We've taken multiple actions to mitigate impact and are working to validate service restoration," Microsoft told Microsoft 365 aka Office 365 customers. "In parallel, we're continuing to review system logs and service telemetry to better understand the underlying root cause."
The outage for both services began at around 1330 UTC (0630 PT), when users complained of being unable to get two-factor codes on their devices via phone call, text message, or through an authenticator app.
By 16:50 UTC (0950 PT), the Azure side of the IT blunder was resolved, and subscribers for those services were once again able to get their codes: the online productivity suite is still affected. Microsoft said it is working on a full investigation, and will deliver a postmortem at a later time.
For Microsoft 365, work to resolve the outage is ongoing, and Microsoft has yet to say when users will once again be able to complete their two-factor logins.
If there is any bright side to this, the outage did break out on Friday, so at least some of those affected while at work will be able to take some or all of the day off and get an early start on the weekend. ®
Updated to add
As of Monday, 1730 UTC, Microsoft 365's multi-factor authentication should be working by now, though Redmond is still "progressing through our investigation to isolate the underlying problem."