Slashdot Mirror

← Back to Stories (view on slashdot.org)

Microsoft's Multi-Factor Authentication Service Goes Down For Second Week in a Row (zdnet.com)

Posted by msmash on from the well-that's-fantastic dept.

Just over a week after a global problem with its multi-factor authentication (MFA) service plagued a number of users, another Microsoft MFA outage is impacting a number of customers. Many, but not all, of the customers reporting problems today seem to be U.S.-based. From a report: Starting around 9:15 a.m. ET, a number of Office 365 customers began reporting on Twitter that they were unable to sign into that service because of an MFA issue. Office 365 is one of a number of Microsoft services that uses Azure Active Directory MFA to authenticate. Around 10:15 a.m. ET, Microsoft's Azure status dashboard was updated to reflect the possibility of a cross-region potential outage impacting MFA. "Impacted customers may experience failures when attempting to authenticate into Azure resources where MFA is required by policy. Engineers are investigating the issue and the next update will be provided in 60 minutes or as events warrant," the dashboard status said.

15 of 101 comments (clear)

  1. You don't own your software by Geoffrey.landis · · Score: 2

    Yes: this is what happens when you don't own your software, you just "license" the use of it.

    --
    http://www.geoffreylandis.com
    1. Re:You don't own your software by Anonymous Coward · · Score: 5, Insightful

      Cloud is just a server run by someone else.

    2. Re:You don't own your software by phantomfive · · Score: 4, Informative

      It also seems to be something Microsoft does fairly regularly. They have a history of catastrophic failure of services. If they manage to get this one back up, it won't be their worst disaster.

      Remember not to trust the cloud: have backups because your stuff might be lost.

      --
      "First they came for the slanderers and i said nothing."
    3. Re:You don't own your software by im_thatoneguy · · Score: 2

      You plan on running your own 2 factor authentication token system? Good luck keeping it up 100% of the time for 100% of your users across the globe.

      Maintaining user authentication systems is pretty challenging. Keeping credentials maintained across phones, tablets, PCs, back end services and internal servers is not a simple service to maintain in house.

      How do you propose you "Own" a service which gives you single sign on authentication across your internal network, remote web services and offers 2 factor authentication? That's a lot of fragile infrastructure to maintain.

    4. Re: You don't own your software by kaatochacha · · Score: 2

      Cool, saying " I had to take my car to the shop" makes me sound incompetent and incapable of fixing anything.
      Now, I can say "My cars going into the auto cloud",and I'm cool again!

    5. Re:You don't own your software by ilsaloving · · Score: 3, Insightful

      Rolling your own MFA would be a nightmare, considering how tightly the security needs to be controlled, so while what the parent says is true, sometimes it's just not practical.

      That means if you need to outsource to a vendor, that vendor has to be rock solid. Microsoft has a demonstrable track record of *not* being able to keep their infrastructure up, so I'm honestly dumbfounded that anybody would use their software willingly. Office365 is one thing because you really don't have a choice, and you can at least run the local version (unless Microsoft breaks the big brother functionality) but I would *never* trust mission-critical infrastructure to be managed by Microsoft.

  2. A particular movie quote comes to mind. by mcmonkey · · Score: 2

    Locally installed applications are not exposed to this mode of failure. This story is about as interesting as people who complain about breakfast hours at restaurants. Cook your own breakfast any time of day.

    Cue Airplane "They bought their tickets. They knew what they were getting in to. I say, let 'em crash."

    1. Re:A particular movie quote comes to mind. by nuckfuts · · Score: 2

      Locally installed applications are not exposed to this mode of failure. This story is about as interesting as people who complain about breakfast hours at restaurants. Cook your own breakfast any time of day.

      Show me the locally installed Multi-Factor Authentication solution that doesn't have any cloud component.

  3. Looks like they tried it by Pikoro · · Score: 4, Funny

    "Engineers are currently in the process of cycling backend services responsible for processing MFA requests."

    So, they're turning it off and back on again.

    --
    "Freedom in the USA is not the ability to do what you want. It is the ability to stop others from doing what THEY want"
    1. Re:Looks like they tried it by Chris+Mattern · · Score: 2

      "In some cases, service restarts appear provide only temporary relief, so we're continuing to explore alternate remediation options."

      So, they're going to re-install it?

    2. Re:Looks like they tried it by nuckfuts · · Score: 2

      "Engineers are currently in the process of cycling backend services responsible for processing MFA requests."

      So, they're turning it off and back on again.

      Exactly. And they're been staring at this for the last 90 minutes:
      "Windows is installing updates. Please do not power off or unplug your machine".

  4. Live Like Lemmings by Crashmarik · · Score: 2

    Die Like Lemmings

    You have critical applications they have no business being in the cloud. Especially not someone else's cloud.

  5. Broken either way by SirAstral · · Score: 4, Insightful

    Choose how you want to run IT.

    If you think you can run to the cloud and get better service you are mistaken. Like playing musical chairs you only move the problems and goal posts around.

    There is no end to Management willing to pay through the nose for the promise of "Cloud" and following the advice of the providers along the way with little question, but when you have to build it on-prem you have to justify every blithering dollar you ask to spend and then have to face them trying to screw up your project plans with scope creep and "know-it-all" management interference and second guessing junior idiots.

    In short, your shit is going offline... you want that reduced? Find quality IT pros and fucking pay them what they are worth and stop promoting high quality pro's to justify giving them a higher salary. If you need too... pay a helpdesk worker that gets their fucking shit done twice what you pay the others. It's that simple and stay the fuck out of their way... they are the professionals... not the fucking management. Managements ONLY job should be to make sure that money is wisely spent by make sure the teams are aware of talent and licenses product are not unnecessarily duplicated and that the nerds or silo managers are not busy fighting like children over stupid shit between themselves or other teams. Those are two huge problems but get very little attention in many businesses.

    1. Re:Broken either way by im_thatoneguy · · Score: 3, Interesting

      You're going to provide me a nice storage service on-prem that I can access on an iPhone or Android device with conflict resolution and live cooperative editing between say 10 collaborators? And this service is going to manage sync conflicts? And this service is going to scale instantly? And it'll have a single sign on portal so that I can access said collaborative data share? And when I need to share that data with someone outside of the organization you're going to maintain the registration and securities permission of sharing said document? Also is your data service going to OCR and scan all photos in a project folder? Are you going to let me have federated search on my phone to search the contents of documents on my phone quickly while on a public wifi?

  6. CROSS REGION!?! by the_skywise · · Score: 2

    cross-region potential outage impacting MFA

    The whole point of being in the cloud is so if one region goes down you can switch over/fallback to the other region's servers to maintain uptime!!!