Clear Outlook credential cache and reset stored passwords in Windows Credential Manager. Navigate to Control Panel → Credential Manager → Windows Credentials and remove all Microsoft Office entries. Restart Outlook and re-authenticate with fresh credentials.
Fix GuideAuthentication LoopMicrosoft Outlook
Fix Outlook Authentication Loop Error – Microsoft Account 2SV Issues 2026
Outlook password reset stuck in verification loop due to Microsoft account two-step verification issues. Fix authentication problems with phone verification failures and Authenticator app access.
Emanuel DE ALMEIDA Authentication LoopMicrosoft Outlook 5 methods 12 min
Instant Solution
Understanding Microsoft Account Authentication Loops in Outlook
The Outlook authentication loop error represents one of the most frustrating Microsoft account access issues in 2026. This problem typically manifests when two-step verification (2SV) is enabled and users lose access to their primary verification methods, creating a circular authentication process where password resets continuously redirect to inaccessible verification steps.
The core issue stems from Microsoft's enhanced security policies implemented in 2025-2026, which prioritize account protection over accessibility. When 2SV is active, the standard Microsoft Account Recovery Form often becomes ineffective, as Microsoft's systems are programmed to ignore recovery requests that attempt to bypass two-factor authentication requirements.
This authentication loop particularly affects enterprise users and individuals who have enabled 2SV but haven't maintained current backup verification methods. The problem is compounded by Outlook's credential caching mechanisms, which can store corrupted authentication tokens that perpetuate the login failures even after successful password resets through alternative methods.
Understanding the distinction between personal Microsoft accounts and work/school accounts is crucial for resolution, as each requires different recovery approaches and administrative privileges.
Related: KB5002718 — Security Update for Microsoft Excel 2016
Related: KB5002839 — Security Update for Microsoft Word 2016
Related: KB5002838 — Security Update for Microsoft Office 2016
Related: KB5002849 — Security Update for Microsoft Excel 2016
Related: KB5002848 — Security Update for Microsoft Word 2016
Diagnostic
Symptoms
- Outlook repeatedly prompts for password after entering correct credentials
- Password reset flow keeps returning to phone verification step
- "Enter the last 4 digits" screen appears but verification fails
- Microsoft account recovery form submissions are ignored or rejected
- Authenticator app codes are not accepted during sign-in
- Error message: "This method isn't working, try another"
- Outlook shows "We can't sign you in" despite correct password
- Two-step verification blocks normal password reset process
Analysis
Root Causes
- Outdated or inaccessible phone numbers registered for two-step verification
- Microsoft Authenticator app sync issues or device changes
- Corrupted Windows Credential Manager entries storing old authentication tokens
- Two-step verification enabled with only one accessible verification method
- Microsoft account security policies blocking standard recovery methods
- Outlook profile corruption affecting stored authentication data
- Network connectivity issues preventing proper verification code delivery
- Recent Microsoft account security changes requiring re-verification
Resolution Methods
Solutions
01
Clear Windows Credential Manager and Reset Outlook Authentication
This method clears corrupted authentication tokens that cause login loops.
- Press Windows + R, type
control, and press Enter - Navigate to User Accounts → Credential Manager
- Click Windows Credentials tab
- Locate all entries containing "Microsoft Office", "Outlook", or your Microsoft account email
- Click each entry and select Remove
- Close Control Panel and open File Explorer
- Navigate to
%LOCALAPPDATA%\Microsoft\Outlook - Delete all
.ostand.pstfiles (backup important emails first) - Open Outlook and enter your credentials when prompted
- Complete the two-step verification process with a working method
Pro tip: If you have multiple Outlook profiles, repeat this process for each profile's credential entries.
Verification: Open Outlook without being prompted for credentials. Check that emails sync properly and no authentication errors appear in the status bar.
02
Use Microsoft Account Recovery with Alternative Verification
Access your Microsoft account through alternative verification methods to update security info.
- Open a web browser and navigate to
account.microsoft.com - Click Sign in and enter your email address
- When prompted for password, click Forgot my password
- Select I forgot my password and click Next
- Choose an alternative verification method (backup email, security questions, or Authenticator app)
- If using Authenticator app, open Microsoft Authenticator on your phone
- Tap the account and enter the displayed code
- Once signed in, go to Security → Security dashboard
- Click Update info next to "Ways we can contact you"
- Add a new phone number or email address for verification
- Remove old, inaccessible verification methods
- Test the new verification method by signing out and back in
Warning: Ensure you have access to at least two verification methods before removing any existing ones.
Verification: Sign out of your Microsoft account and sign back in using the new verification method. Confirm Outlook authentication works without loops.
03
Reset Outlook Profile and Reconfigure Authentication
Create a new Outlook profile to eliminate authentication corruption.
- Close Outlook completely
- Press Windows + R, type
appwiz.cpl, and press Enter - Right-click Microsoft Office and select Change
- Choose Quick Repair and click Repair
- After repair completes, press Windows + R, type
control mlcfg32.cpl, and press Enter - Click Show Profiles
- Click Add to create a new profile
- Enter a profile name (e.g., "Outlook2026") and click OK
- In the Add Account wizard, enter your email address
- Click Advanced options and check Let me set up my account manually
- Select Office 365 and click Connect
- Complete the modern authentication flow with two-step verification
- Set the new profile as default in Mail Setup dialog
- Delete the old corrupted profile
Pro tip: Export important emails from the old profile before deleting it using File → Open & Export → Import/Export.
Verification: Launch Outlook with the new profile. Verify that authentication completes without loops and all email accounts sync properly.
04
Use PowerShell to Reset Microsoft Account Authentication Tokens
Clear authentication tokens using PowerShell commands for advanced troubleshooting.
- Press Windows + X and select Windows PowerShell (Admin)
- Run the following command to clear cached credentials:
Get-StoredCredential | Where-Object {$_.Target -like "*microsoft*" -or $_.Target -like "*office*" -or $_.Target -like "*outlook*"} | Remove-StoredCredential- Clear Windows Authentication cache:
klist purge- Reset the Windows Credential Manager service:
Stop-Service -Name "VaultSvc" -Force
Start-Service -Name "VaultSvc"- Clear Office authentication cache:
Remove-Item -Path "$env:LOCALAPPDATA\Microsoft\Office\16.0\Wef\*" -Recurse -Force -ErrorAction SilentlyContinue- Reset network authentication:
netsh winsock reset
netsh int ip reset- Restart the computer to apply all changes
- Open Outlook and re-authenticate with your Microsoft account
Warning: These commands will clear all stored credentials. Have your passwords ready for re-authentication.
Verification: Run klist in PowerShell to confirm no old Kerberos tickets remain. Launch Outlook and verify successful authentication without loops.
05
Configure App-Specific Password for Legacy Authentication
Create an app-specific password to bypass two-step verification issues in Outlook.
- Sign in to your Microsoft account at
account.microsoft.com - Navigate to Security → Security dashboard
- Under Advanced security options, click App passwords
- Click Create a new app password
- Enter "Outlook Desktop" as the app name
- Click Generate and copy the generated password
- Open Outlook and go to File → Account Settings → Account Settings
- Select your Microsoft account and click Change
- In the password field, paste the app-specific password
- Uncheck Remember password if it causes issues
- Click Next and Finish
- Test email synchronization
Pro tip: App-specific passwords work best with IMAP/POP3 configurations. For Exchange Online, modern authentication is preferred.
Verification: Send a test email and verify that Outlook syncs without authentication prompts. Check that the app-specific password appears in your Microsoft account security settings.
Validation
Verification
To confirm the authentication loop is resolved, perform these verification steps:
- Close Outlook completely and reopen it - no password prompts should appear
- Send a test email to yourself and verify it appears in both Sent Items and Inbox
- Check Outlook's connection status in the bottom-right corner - it should show "Connected"
- Run this PowerShell command to verify credential storage:
Get-StoredCredential | Where-Object {$_.Target -like "*microsoft*"}The output should show current, valid Microsoft credentials. If authentication still fails, check Windows Event Viewer under Applications and Services Logs → Microsoft → Windows → Authentication for specific error details.
If it still fails
Advanced Troubleshooting
If the above methods didn't resolve the authentication loop, try these advanced approaches:
Registry-based credential reset: Navigate to HKEY_CURRENT_USER\Software\Microsoft\Office\16.0\Common\Identity and delete all subkeys. This forces Outlook to rebuild authentication data.
Network-level troubleshooting: Configure DNS to use 8.8.8.8 and 8.8.4.4 to rule out DNS resolution issues affecting Microsoft authentication servers. Test connectivity to login.microsoftonline.com using telnet login.microsoftonline.com 443.
Time synchronization: Authentication tokens are time-sensitive. Run w32tm /resync in an elevated command prompt to synchronize system time with Microsoft's servers.
Firewall and antivirus: Temporarily disable Windows Defender and third-party antivirus to test if security software is blocking authentication. Add exceptions for outlook.exe and Microsoft authentication domains.
Last resort - Account migration: If the Microsoft account remains inaccessible, consider migrating emails to a new Microsoft account using the Import/Export wizard in Outlook, then reconfiguring with the new account credentials.
Frequently Asked Questions
Why does Outlook keep asking for my password even after I reset it successfully?+
This occurs because Outlook caches authentication tokens in Windows Credential Manager. Even after a successful password reset, Outlook continues using the old, invalid tokens. The solution is to clear all Microsoft-related entries from Credential Manager (Control Panel → Credential Manager → Windows Credentials) and delete cached authentication files from %LOCALAPPDATA%\Microsoft\Office\16.0\Wef\. After clearing these caches, Outlook will prompt for fresh credentials and complete proper authentication.
What should I do if my phone number for two-step verification is no longer accessible?+
If you've lost access to your primary verification phone number, you have several options: Use the Microsoft Authenticator app if it's still installed on a device you control, access backup codes you saved during 2SV setup, or use an alternative email address configured for verification. If none of these work, you'll need to use the Microsoft Account Recovery Form, though success rates are lower when 2SV is enabled. For work accounts, contact your IT administrator who can reset your MFA methods through the Microsoft 365 admin center.
Can I disable two-step verification to fix the authentication loop?+
You can only disable two-step verification if you can successfully sign in to your Microsoft account first. This creates a catch-22 situation when you're locked out. If you do regain access, navigate to account.microsoft.com → Security → Advanced security options → Two-step verification and turn it off. However, Microsoft strongly recommends keeping 2SV enabled and instead updating your verification methods to include multiple accessible options like backup emails, authenticator apps, and current phone numbers.
How long does Microsoft account recovery take when two-step verification is enabled?+
Microsoft account recovery with 2SV enabled can take 24-48 hours for automated processing, or up to 30 days for manual review in complex cases. The timeline depends on the information provided in the recovery form and Microsoft's ability to verify account ownership. During this period, Microsoft may send additional verification requests to alternative contact methods. For faster resolution, ensure you provide detailed information about recent account activity, devices used, and any purchase history associated with the account.
Why does the Microsoft Account Recovery Form get ignored when I have two-step verification enabled?+
Microsoft's security policy treats accounts with 2SV as high-security accounts that require cryptographic verification rather than knowledge-based verification. The recovery form is designed for accounts without 2SV, where Microsoft can verify ownership through personal information. With 2SV enabled, Microsoft's systems expect you to use your configured verification methods (phone, authenticator, backup codes) rather than the recovery form. This policy prevents attackers from bypassing 2SV through social engineering, but it also makes legitimate recovery more difficult when all verification methods are inaccessible.
Written by
Emanuel DE ALMEIDA
Microsoft MCSA-certified Cloud Architect | Fortinet-focused. I modernize cloud, hybrid & on-prem infrastructure for reliability, security, performance and cost control - sharing field-tested ops & troubleshooting.
Further Intelligence
Deepen your knowledge with related resources
Discussion
Share your thoughts and insights
You must be logged in to comment.
Loading comments...