I recently came across an interesting problem with MS Teams of which I could not find any specific documentation. I am aware that this issue may not have been limited to its effect on Teams and may have possibly caused problems elsewhere; however, this was just the way I observed it.
I was able to login into my own account; however, when switching to a guest account, I was prompted to change my O365 account password because “my user was at risk.”
Upon changing the password, I was then asked to re-authenticate with my new password. Once I did this, I was once again asked to change my password, and this loop would continue indefinitely.
I was somewhat in despair until I decided to check the Azure Active Directory settings applied to my organization that may be preventing me from signing in. In AAD under Monitoring -> Sign-ins, I found the failed logins with a failure reason of: Password change is required due to account risk.
Besides the obvious possibility that my account credentials could have been compromised and someone was trying to sign-in to my account, I started to think of how this could have happened.
I was suddenly reminded that a couple of days prior, I had logged into my O365 account from an Azure virtual machine I provisioned. I was never presented with any errors or warnings and therefore was unaware that AAD had tagged the login and my user as “Risky.”
By navigating to Security -> Risky Users and Risky Sign-ins, I was able to verify that this was the case:
By confirming the sign-in as safe and dismissing the users’ risk, I restored the ability to sign into my MS Teams guest accounts.
I hope anyone who experiences a similar issue can find the solution here or be pointed in the right direction.