Skip to content

25 Comments

  1. Jim Hll
    April 29, 2020 @ 7:52 am

    That method did not work for me. And for many others I am afraid from what I read on the various forums.

    I figured out a solution! I am not sure if these are the exact steps I did. But the root cause was previously having a conditional access policy previously applied to that user.

    -Make sure the CA policy for MFA is not enabled. Mine was the Legacy rule, “Baseline policy: Require MFA for admins (Preview)”
    -Disable the MFA for that user in the Office 365 Admin.
    https://account.activedirectory.windowsazure.com/UserManagement/MultifactorVerification.aspx?BrandContextID=O365
    -Create a new CA policy in Azure AD. Have it grant access and require MFA, and only apply just to that user.
    -Go back to the Office 365 MFA admin and enable then disable the MFA requirement for that user a few times. I did it four times. Leave with it disabled.
    -Return to Azure and remove that user from the CA policy requiring MFA. Leave it enabled but just not applied to any users.
    -Return to Office 365 admin and enable MFA for that user.
    -Initiate a screen sharing session with that user. Have them log into their MFA set up screen.
    https://aka.ms/MFASetup They will then see and be able to create a new app password.

    This took me a month to figure out, and my exact steps may not have been exactly as I said above. Hopefully the whole community can figure out the best way.

    Reply

    • Amira Armond Amira Armond
      April 29, 2020 @ 8:07 am

      Thanks Jim! I moved your steps into the article body so that others will see it. Cheers!

      Reply

  2. Jim Hill
    July 30, 2020 @ 9:09 pm

    I did finally find a way to fix this, once and for all, and not because of any help from Microsoft. They tried with no success. It is actually too simple, I could not believe it when I figured it out.

    You just have to visit Office Admin, then Active Users. Don’t select a user. On the top select Multi-factor authentication. A new web page tab will open displaying the MFA status per user. For the user which cannot create app passwords you will see Enabled as the status. You must click that user and then select Enforce. The MFA was enabled but not enforced.

    It is quite crazy, and drove me nuts for weeks. It works. I have MFA enabled through various CA policies and the Azure sign in policy (risky sign-ins require MFA).

    Reply

    • Carlo
      January 26, 2021 @ 4:37 am

      This worked for me, i did the steps above going into azure and disable the recommanded security feature that microsoft suggets.

      in office 365 portal i could see that the task to enable mfa was unchecked. So i did what Jim said just go to mfa settings, enforce. and voila the option to add a app password appeard in de users profiel (the new my sign-ins)

      Before this the user could only add a phone number or e-mail. Thank you so much

      Reply

    • Andrew
      September 7, 2021 @ 9:08 pm

      You’re a legend. I can go bandage my bleeding head, I’ve been banging on this wall for about 2 hours now. Thankyou thankyou thankyou!

      Reply

    • Mick Alford
      January 19, 2022 @ 11:31 pm

      Jim, you’re a ripper! thankyou for posting and contributing, your suggestion worked a charm,

      Reply

    • Neil
      July 10, 2022 @ 9:33 pm

      Thank you sir, this was what fixed it for me.

      Reply

    • Madeleine
      July 31, 2022 @ 2:14 am

      Legend! After months fighting with this, ensuring everything in Azure AD was set up correctly, this finally worked!

      It’s bizarre that we need to force multi-factor authentication, which for all intents in purposes forces the user to use multi-factor otherwise, just to enable app passwords.

      It’s finally working. For what it’s worth, I’m licensed as Microsoft 365 Business Basic for those who use O365 in a non-enterprise-y environment (refugee from the ol’ free GSuite days).

      Reply

  3. Steve
    August 17, 2020 @ 12:21 pm

    Despite all the above steps and comments, I still had trouble getting to the App password settings to create passwords. I found it in the past for a few of my users, but always had a difficult time retracing my steps and trying to Google the steps. However, today after being annoyed of not being to find it quickly and through a few attempts, I noted the steps that lead me to that screen.

    To find it,
    1) Sign in to office.com as the affected user.
    2a) On the upper right, click on their initials or profile picture.
    2b) Click “View account”
    3a) A new tab opens
    3b) The left column will show “Settings & Privacy” (this is where one would think app passwords are located–it’s not there.)
    3c) Further down, click on “Office apps”
    4a) Notice now the left column changes to “Security & privacy”
    4b) Click on “Security & privacty”
    5a) Click on “Additional security verification”
    5b) Click on “Create and manage app passwords”
    6) A new tab opens (that elusive screen reappears)

    Reply

  4. Jason Overholt
    September 18, 2020 @ 8:03 pm

    Just went round and round with this with MS tech support…

    You have to disable MFA for the user. You have to manage settings and clear old APP passwords and require user to provide contact methods again. Then re-enable mfa and once contact methods are complete, you then have an option to add an APP Password.

    Apparently, MS has a problem with the legacy APP passwords and the new and improved app passwords.

    Please get word out and maybe this will help someone else! Cheers

    Reply

  5. Peter Parker
    November 11, 2020 @ 6:21 pm

    Unfortunately there now seems to be an additional blocker to this. When you go to the Security and Privacy page (https://portal.office.com/account/#security) it now shows
    “To update your password, contact preference or to view your organization’s Privacy statement go to your new My Account portal”.
    Link goes to https://myaccount.microsoft.com/?ref=OfficePortalSecurityPrivacy
    Settings and Privacy in the new Portal has only Language & Region and Privacy. So now no idea where App Passwords would be even were they to work with the workarounds above.

    Reply

  6. Peter Parker
    November 11, 2020 @ 6:47 pm

    Actually wait. This has moved.
    1. Go to My_Signins https://mysignins.microsoft.com/security-info
    2. Go to Security Info
    3. Click Add Method
    4. Select App password

    Again to reiterate that (currently) this only appears for users added/enforced directly in the Multi-factor authentication page in admin center. App password does not appear for users added to MFA via conditional policy.

    Reply

  7. RLee
    December 22, 2020 @ 1:08 pm

    Thank goodness for Peter Parker’s response on 11/11/2020. Microsoft really needs to update this information! This drove me crazy for two weeks!

    Reply

  8. Jay Lewis
    January 11, 2021 @ 12:39 pm

    This method has CHANGED.
    1. Sign in to office.com as the affected user.
    2. On the upper right, click on their initials or profile picture.
    3. Click “View account”. A new tab opens
    4. The left column will show “Security Info”
    5. Click on “Add Method”
    6. From the drop-down select “App Password” then click ADD
    7. Give the App Password a name, such as “HP Scanner” then click NEXT
    8. Copy your password to a safe place, that’s it!

    Reply

  9. Juan Fernandez
    March 10, 2021 @ 1:22 pm

    Jay Lewis, i still don’t see the option under add a method to add an app password.

    any thoughts?

    Reply

  10. Daniel
    April 16, 2021 @ 1:25 am

    This really helped! Thank you everyone!

    Reply

  11. John
    May 26, 2021 @ 2:45 pm

    Changing the user to enforced fixed it for me also.

    Reply

  12. Ackley Fooser
    September 11, 2021 @ 2:29 pm

    Despite this being the best page on the Internet for finding the App Password option in Office 365 (or now the almost-un-Googleable Microsoft 365), the instructions are wrong. Something has changed again.

    The method to add an App Password does not appear under the “Add Method” drop-down. It’s just gone.

    It doesn’t matter if the user has MFA enforced or not. It doesn’t matter if you clear old app passwords or turn on or off Modern Authentication. It doesn’t matter if you create a CA policy.

    The option is simply gone like my youth, which I mis-spent on tracking down stuff like this.

    Reply

  13. LVA
    September 30, 2021 @ 3:15 pm

    I had a different experience than Ackley so I just wanted to add the steps used.

    This is still working even with conditional access policy applied to all accounts.

    Log in as Global Admin and access the following link:
    https://account.activedirectory.windowsazure.com/UserManagement/MultifactorVerification.aspx?BrandContextID=O365
    (Not shown through modern UI)

    Enable MFA for the user in question
    Refresh page
    Enforce MFA for the user in question

    (Instructions below from Jay Lewis)
    1. Sign in to office.com as the affected user.
    2. On the upper right, click on their initials or profile picture.
    3. Click “View account”. A new tab opens
    4. The left column will show “Security Info”
    5. Click on “Add Method”
    6. From the drop-down select “App Password” then click ADD
    7. Give the App Password a name, such as “HP Scanner” then click NEXT
    8. Copy your password to a safe place, that’s it!

    Reply

    • RP
      November 29, 2021 @ 3:54 pm

      Wanted to second this response as I also ran into this. Any users that may have MFA as just enabled need to be set to enforced. As the article explained if the enables MFA with out it being enabled and enforced on the admin page app password would not appear as an option. As soon as they are enforced the option would appear.

      Reply

      • Sunil Gupta
        July 7, 2023 @ 1:26 pm

        Did not work for me. Only three options are available : Authenticator App, Email and Office phone.

        Reply

  14. KCS
    February 25, 2022 @ 8:09 am

    O365 App Password are found here as of 2-25-2022:
    https://account.activedirectory.windowsazure.com/AppPasswords.aspx

    Reply

    • Sunil Gupta
      July 7, 2023 @ 1:24 pm

      That link redirects right back to the users settings where the option to create an App Password is still missing 🙁

      Reply

  15. Andras
    January 18, 2023 @ 10:29 am

    Any update on this issue?
    App registration option is missing in authentication methods for a certain user. I only have AUTH APP, secondary phone, and office phone.
    I saw this particular option some days ago but somehow its missing. Admin has the option but user has not.
    I think I tried all methods written here:-(

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *