I'm facing a weird problem with my M365 tenant. I've got multi-factor authentication (MFA) enforced for all users and services through Conditional Access Policies (CAP). I've already set up the Microsoft Authenticator app, but every time I click anything in the interface, I get redirected to the registration page at "https://mysignins.microsoft.com/register". This page shows my security info and confirms that my default sign-in method is the Authenticator app. I just hit 'OK' and it lets me through, but it never actually prompts for MFA, only asks me to register again. This is particularly frustrating when I'm trying to connect via PowerShell since the login prompt fails when it redirects me. Has anyone experienced this issue? To add, MFA per user settings are set to off for all users, and security defaults are disabled.
2 Answers
This sounds like your account might not be fully set up for MFA. Even though you've registered the Authenticator app, Microsoft typically wants you to add at least one more method, like a phone number or email address. You might want to check out [aka.ms/mfasetup]() to add another method, which should help you stop getting redirected to that registration page. After that, it should actually enforce MFA instead of the loop you're stuck in.
What you're seeing isn't exactly MFA; it's more of a prompt to register. It looks like they want you to set up self-service password reset options. You might want to try adding another authentication method if you can. If you don't see any extra choices, you can configure those in Entra ID.
I do have password, Microsoft Authenticator, and a device-bound passkey registered. There are no other policies enforcing more methods, though.
I tried going to 'edit info' to add another method, but I keep getting stuck in a loop telling me to confirm my info is up-to-date, and it never actually lets me add anything.