Authenticator: 2FA Verification Code

[sherxyar]

Issue Description:
When a user switches to a new phone, the authenticator app fails to function as expected. It does not generate the required authentication code when prompted during the sign-in process. Additionally, no error message or prompt appears to guide the user, such as instructions to request a 2FA reset or use an alternative authentication method. This occurs because the Authenticator app is no longer linked to the account due to the device being reset or data being transferred. This lack of communication creates confusion, leaving the user unsure of what to do next.

Proposed Solution:
Users should have a straightforward way to reset their Multi-Factor Authentication (MFA) when encountering such issues. For instance:

1. Self-Service MFA Reset: Users should be able to reset their MFA through their registered email, provided they still have access to it.
2. Request IT Support Directly: If the email reset is not possible, the Authenticator app should provide an option to send a reset request directly to the organization’s IT support. The reset process should involve user verification to maintain security.

Steps to Reproduce the Issue:

1. Install and set up the Authenticator app on Device A.
2. Transfer all data and apps from Device A to Device B, then reset Device A.
3. Set up the Authenticator app on Device B.
4. Attempt to sign in to a Microsoft service requiring a 2FA code from the Authenticator app.
5. Observe that no authentication code is provided on Device B, and no prompt or error message appears to explain the issue.

[Veena11]

Hi,

Thank you for the proposal. I have informed Authenticator team about this and awaiting their response on the same.