IBM Security MaaS360

 View Only
  • 1.  Microsoft 2FA Password Loop

    Posted Tue August 25, 2020 10:02 AM
    Recently our Microsoft Office 365 users who have 2FA enabled on their Microsoft account are experience a password loop.  When you go to the Email application within the iOS device (iOS 13.6) they are asked for their password.  They enter their password, they are then asked for the 2FA code, they enter their code and then it goes back to the password dialog box.  It had been working fine up until then.  We also use ADFS for authentication of the password with our AD environment.  We have checked our policies and all look fine.  Any other suggestions?

    Many thanks
    Martin Godfrey

    ------------------------------
    Martin Godfrey
    ------------------------------


  • 2.  RE: Microsoft 2FA Password Loop

    Posted Tue August 25, 2020 02:48 PM
    Hi Martin - is this in reference to the native iOS mail app or a 3rd party mail agent (such as Outlook)?

    ------------------------------
    Matt Shaver
    System Architect
    IBM
    mshaver@us.ibm.com
    ------------------------------



  • 3.  RE: Microsoft 2FA Password Loop

    Posted Wed August 26, 2020 08:29 AM
    Hi Matt,

    This is for the MaaS360 email application.

    The only thing we can think of is that as we use the Microsoft Authenticator app to get our code, the app has been updated with a double lock on it  now.  So when you launch the Authenticator app, you had to unlock again.  I'm wonder if that is inteferring.

    On iOS 13.5.1/13.6 
    Authenticator app 6.4.22
    MaaS360 3.99.597

    Regards
    Martin

    ------------------------------
    Martin Godfrey
    ------------------------------



  • 4.  RE: Microsoft 2FA Password Loop

    Posted Thu August 27, 2020 04:29 PM

    Hi Martin,

    I can't find anyone on my team that has come across this exact scenario.  Would you mind sending me an email with the MaaS360 agent logs and video of the behavior (if you're able to get it)?  I'd like to escalate to our dev teams.



    ------------------------------
    Matt Shaver
    System Architect
    IBM
    mshaver@us.ibm.com
    ------------------------------



  • 5.  RE: Microsoft 2FA Password Loop

    Posted Tue September 15, 2020 09:58 AM
    Hi Matt,

    In the end we found something within the MaaS360 documentation.  https://www.ibm.com/support/knowledgecenter/SS8H2S/com.ibm.mc.doc/pag_source/concepts/modern_auth_troubleshoot.htm
    We change the setup in Azure from Single Tenant to Multitenant.  This done the trick.

    Thanks for your help.
    Regards
    Martin

    ------------------------------
    Martin Godfrey
    ------------------------------