Skip to main content
CybersecurityInfrastructure

Microsoft Resolves MFA, MySignIn Outage After Infrastructure Failover

Technical area with computer servers hints at disruption.
"We're investigating an issue where some users may be unable to setup MFA or access the http://mysignins.microsoft.com website," the company's Microsoft 365 Status account shared on Twitter earlier today.

What Microsoft reported first

Microsoft acknowledged an incident that prevented some customers from setting up multi-factor authentication (MFA) or accessing the My Sign-Ins platform. An admin center advisory published under MO1329260 said affected users were seeing 504 Gateway Timeout errors when attempting to access mysignins.microsoft.com. The company flagged the situation as an ongoing incident — a designation the advisory linked to critical service issues with noticeable user impact — and noted the problem was confirmed around 5:00 AM ET.

Mitigation steps Microsoft executed

According to the admin center updates, Microsoft moved traffic to alternate infrastructure to reduce the outage's reach and began monitoring service telemetry. "We've completed mitigation actions, including failing over to alternate infrastructure, and are continuing to monitor service health," the company wrote. The advisory added that "As elevated error rates persist, we're actively evaluating additional mitigation options, including optimizing how service requests are processed to further stabilize the service."

Root cause identified and service restoration

By 08:41 EDT on June 1, Microsoft reported that access to the My Sign-Ins service had been restored and attributed the incident to a recent cache configuration change. In its updated admin center note Microsoft said, "We've identified a recent cache configuration change required a failover." The company described the technical sequence: "During the failover, the service experienced high CPU and memory utilization as EU traffic peaked, which prevented the MySignIn service from processing the volume of requests. Mitigation actions have since been rolled back, and traffic has been restored to the original infrastructure."

User-facing symptoms: 504 errors and blocked MFA setup

Customers impacted by the incident encountered 504 Gateway Timeout errors when visiting mysignins.microsoft.com and were unable to complete MFA setup. The outage specifically affected the My Sign-Ins platform and MFA enrollment flows, blocking the web-based experience for those attempting to enroll or manage sign-in methods while the incident persisted.

How technologists, enterprises, and end users are likely to respond

  • Technologists and security teams: Microsoft said it is monitoring service telemetry and evaluating optimizations for how service requests are processed. Teams responsible for identity infrastructure will be watching telemetry and logs tied to MFA and My Sign-Ins to confirm full recovery and stability as traffic returns to normal.
  • Enterprises and procurement leaders: Organizations relying on Microsoft sign-in tooling should note that a configuration change triggered a failover and high resource utilization during peak traffic — an event Microsoft rolled back before restoring traffic to original infrastructure. IT procurement and change-control processes may re-examine cache and failover configurations in light of the event.
  • End users: People attempting to set up MFA or access My Sign-Ins were directly affected, encountering 504 errors and blocked enrollment flows until Microsoft restored service later in the morning.

Microsoft's update closes the loop on this specific incident: traffic was restored to original infrastructure after the company rolled back mitigation actions tied to a cache configuration change and the subsequent failover. The advisory also referenced earlier, unrelated disruptions this year — a resolved problem that blocked Microsoft Teams Free users from chatting and calling others and an Outlook.com outage that interfered with mailbox access — underscoring the continued operational attention required for widely used cloud identity and communication services.

Read the original story