Microsoft MFA Faces Major Disruption with 504 Errors

Microsoft MFA Faces Major Disruption with 504 Errors

Posted on By CWS

Microsoft is currently addressing a significant issue impacting its Multi-Factor Authentication (MFA) feature within the Microsoft 365 suite. Users across North America are reporting 504 gateway timeout errors, hindering authentication processes and access to essential services.

Incident Overview

The problem, logged under the ID MO1237461, began on February 23, 2026, around 8:22 PM IST (2:52 PM UTC). The disruption primarily affects those attempting to authenticate via MFA, resulting in blocked access to Microsoft 365 applications and related services.

The 504 error suggests a failure in an upstream server, likely part of Microsoft’s authentication framework, which is unable to respond timely, thus causing the gateway to timeout. Microsoft has classified this as a service degradation, indicating intermittent access for some users depending on their request routing.

Impact on Users and Services

Currently limited to North America, the incident significantly impacts U.S.-based enterprises and organizations. As Microsoft 365 is widely used in corporate settings, services such as email, Teams, and SharePoint face potential disruptions. Furthermore, third-party applications relying on Microsoft Entra ID for authentication are also affected.

Conditional Access policies enforcing MFA compliance are at risk, possibly affecting device logins, VPN connections, and cloud application access. Microsoft’s recent updates reveal ongoing analysis of Entra ID logs and network telemetry to ascertain the root cause.

Response and Recommendations

Microsoft has released updates at various intervals, with the latest at 9:27 PM IST, highlighting ongoing investigations. The Entra ID, formerly Azure Active Directory, is crucial to Microsoft’s identity management, and the issue may involve an authentication gateway or backend component.

For organizations, MFA downtime presents a complex challenge. Disabling MFA for access restoration poses security risks, while enforcing it locks users out. IT admins should closely monitor the Microsoft 365 Service Health Dashboard under MO1237461 for real-time updates and consider temporary policy changes if necessary.

Microsoft’s public status page indicates operational services, but detailed incident information is available to tenants through the admin center.

Future Outlook

As Microsoft continues its investigation, users are advised to check the service health dashboard for updates. Options like trying different networks, devices, or browsers might help, but disabling MFA is not recommended for production accounts. For urgent issues, contacting Microsoft Support is advisable.

Follow Microsoft’s official @MSFT365Status on X for the latest updates. Stay informed through Google News, LinkedIn, and X for ongoing cybersecurity news.

Cyber Security News Tags:, , , , , , , , ,

Related Posts

Multiple Schneider Electric Vulnerabilities Let Attackers Inject OS Commands Multiple Schneider Electric Vulnerabilities Let Attackers Inject OS Commands Cyber Security News
Hackers Hijacking VNC Connections to Gain Access to OT Control Devices in Critical Infrastructure Hackers Hijacking VNC Connections to Gain Access to OT Control Devices in Critical Infrastructure Cyber Security News
Cyber Startup Frenetik Launches Patented Deception Technology to Counter the AI Arms Race Cyber Startup Frenetik Launches Patented Deception Technology to Counter the AI Arms Race Cyber Security News
CISA Shares New Threat Detections for Actively Exploited WSUS Vulnerability CISA Shares New Threat Detections for Actively Exploited WSUS Vulnerability Cyber Security News
How To Detect Them Early  How To Detect Them Early  Cyber Security News
CISA Warns of Citrix NetScaler ADC and Gateway Vulnerability Actively Exploited in Attacks CISA Warns of Citrix NetScaler ADC and Gateway Vulnerability Actively Exploited in Attacks Cyber Security News