This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(6.4, 17%, 10%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJN%3C/text%3E%3C/svg%3E)
We are experiencing an issue with the Azure ADB2C forgot password function. It asks you to verify your email twice, with two separate verification emails. See screenshots of the process below for reference. 
By the second step it is telling me my email address is verified, but when I click continue it tells me “Verification is necessary” and then takes me through the whole process again.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(214.4, 81%, 30%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMT%3C/text%3E%3C/svg%3E)
Hi @Jayde Nienaber ,
Just checking to see if you were able to get the resolution you needed? Let me know if I can help.
Marilee
Hi @Jayde Nienaber ,
If you have MFA enabled this is the default behavior and a known issue. If you are using the SignUp-SignIn policies while resetting the password using SSPR for B2C, the default behavior for the password reset flow using SignUp-SignIn policies is that you will enter the email and password and confirm the new password. If MFA is enabled for your SignUp-SignIn policy and you try to reset the password, you will first go to the default flow for SSPR, enter your email address, receive the code sent to your email, and after you enter the code you will go to the MFA page.
You should be able to resolve this by setting the MFA enforcement to "off."
If this does not work or your scenario does not support this, another workaround is to have two separate policies (one for sign-up and sign-in with MFA and another for password reset with MFA disabled), or to use custom policies.
See related:
Verification Twice
SocialAndLocalAccountsWithMfa
-
If the information helped you, please Accept the answer. This will help us and other community members as well.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(121.6, 33%, 21%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJT%3C/text%3E%3C/svg%3E)
@Marilee Turscak-MSFT but i need conditional access for the user MFA how do access that