Logging into computer with Microsoft account

Velvis

Well-Known Member
Reaction score
46
Location
Medfield, MA
Is a standard M365 account considered a Microsoft Account? And can it be used to login to a PC?

Someone reached out to me about trying to login to a computer using a MS account instead of a local account by using their username@domain.com from a recently setup M365 account but they get a message saying the account doesn't exist.
 
You must have a Microsoft Account to have a subscription to M365 Personal or Family (and, in the case of Family, each seat holder does).

You can't just log in to any Windows machine with a Microsoft Account if you didn't set up a MS-Account linked Windows account. Many people, for reasons that elude me, will set up a local Windows account and then login to the Microsoft ecosystem with their Microsoft Account to use M365/OneDrive. Having a Windows Account linked to that same Microsoft Account ties all this up in a single, pretty bow.

Anyone who is an M365 user is deluding themselves if they think a separate local Windows account gains them anything at all other than aggravation!

If they have a local Windows account it can be linked to the MS account if they so choose.
 
never create a msa

Then stop using virtually every Microsoft product, and M365 in particular. Since that's a non-starter for someone who already has an M365 subscription, well . . .

I don't understand why any IT professional would act as though the Microsoft Account is to be avoided or is any different than the Apple, Google, and myriad other accounts that go with living in the cyber world.
 
You must have a Microsoft Account to have a subscription to M365 Personal or Family (and, in the case of Family, each seat holder does).

You can't just log in to any Windows machine with a Microsoft Account if you didn't set up a MS-Account linked Windows account. Many people, for reasons that elude me, will set up a local Windows account and then login to the Microsoft ecosystem with their Microsoft Account to use M365/OneDrive. Having a Windows Account linked to that same Microsoft Account ties all this up in a single, pretty bow.

Anyone who is an M365 user is deluding themselves if they think a separate local Windows account gains them anything at all other than aggravation!

If they have a local Windows account it can be linked to the MS account if they so choose.
The M365 account is a business account.
 
And Business accounts can be linked to local accounts, but are not usable as an actual login to the endpoint UNLESS that endpoint is joined to the Entra ID directory in question.

It's the same thing as domain joined was in the old days, Pro and up only, except this time the admin doesn't necessarily have to get involved.

The machine I'm typing this on is Entra ID native joined, and using my M365 account for the direct login via Windows Hello for Business, with a pin unlock process and bitlocker online and fully managed thanks to Intune.
 
Many people, for reasons that elude me, will set up a local Windows account and then login to the Microsoft ecosystem with their Microsoft Account to use M365/OneDrive.
Maybe because their MS account cannot be recovered and they need a computer until they can get it straightened out. I think MS should do a better job of enabling a user to recover their MS account, especially when their old computer no longer works so they can't provide details on recent e-mail messages.
 
Maybe because their MS account cannot be recovered and they need a computer until they can get it straightened out.

I fail to understand this concern, because you are not locked out of your computer if something happens with your MS account so long as you keep logging in with your existing password (or PIN).

Login credentials are kept, locally, until and unless you enter the latest credential that matches the online account, and then, and only then, does that become the only way you can get into your computer.

Anyone here who wants to prove that to themselves with a non-business (as there are all sorts of additional restrictions that can be placed on those accounts) Microsoft account linked Windows user account can do so. Stick with using either PIN, password, or biometric login on your computer. Change the Microsoft account password on microsoft.com. Now log out and try logging in ON WINDOWS but use the password that immediately preceded the change. You will be logged in. Same for PIN and biometrics.

If someone cannot literally remember their password, or PIN, and has never set up biometrics, then they can get locked out under Windows. But that's got nothing whatsoever to do with the Microsoft account.
 
you talk so much **** brian

Oh, but it's **** I can back up from direct experience. Lots of it in the residential client demographic.

People such as @Sky-Knight are the subject matter experts on the business side of the equation.

You can log in to a Microsoft Account linked Windows user account sans any internet connection, and I've done it many times. The people at MS are not complete idiots and know that people need to have access to a computer when there is no communication between that computer and the MS mothership.
 
I fail to understand this concern, because you are not locked out of your computer if something happens with your MS account so long as you keep logging in with your existing password (or PIN).

Login credentials are kept, locally, until and unless you enter the latest credential that matches the online account, and then, and only then, does that become the only way you can get into your computer.
The user was unable to log into her MS account with the password that has worked in the past -- on the laptop and in a browser. She's locked out of her laptop and her MS account accessed using a browser. She told me that she phoned Microsoft and they were unable to recover her account even with her assistance. I challenged how she got the MS number to call and she said she got it by going to microsoft.com and finding it there. Attempts to recover the account have been futile so far but she will try again tomorrow.

She bought a new laptop after all this, since the drive in the old one was in rough shape (freezing up). She can't set up a new MS account using any address she used previously because MS says it's already in use (by her). That's why I set up her new laptop as a local account. What a crock!
 
She can't set up a new MS account using any address she used previously because MS says it's already in use (by her). That's why I set up her new laptop as a local account. What a crock!

PEBKAC issues are rife here. And that's not saying that there's not plenty of Microsoft crock, too. But anyone who has "run out of existing email addresses" for an MS account has definitely been doing something wrong, and more than once.

This is one of the reasons I've said that part of our respective jobs is educating our clients. A client like this one has had a major hand in creating their own messes (plural) and needs to learn how to avoid that going forward.
 
I live and breath in the "B2B computer world"...meaning I support businesses.
In the old days, the professional way when having a server...was to configure active directory...the domain controller, and set Windows Professional workstations to join the domain...and log in with domain user accounts. This gives functionality, control, management, security, features, and brings a whole buncha other good stuff.

...sometimes we'd come across some poorly configured networks at "new clients we were brought in to fix"....where some wanna-be-imitation-pizza/craigs list tech" just configured it all in some partial workgroup mode And we'd have a good laugh at that poorly done amateur hour setup.

So...with Microsoft 365 business licenses....there is AzureAD...and there is InTune (although InTune not in the lower end budget licenses)...and those are the modern way of what was done in the old fashioned on prem server days. Workstations "get joined to AzureAD"....thus...any AzureAD users can log into those computers, just like in the old days, any "domain users" could log onto those "domain joined workstations". And there is control, management, security, and "things work properly". (much like Britech said..."tied up in a pretty bow")

...you do need to "join AzureAD first"...before users can log in. You can't just go and sign in with a Microsoft business account.

...no advantage to having a local user account except for the "in case of emergency, break glass local admin account". Which....with over several thousand computers in the past nearly 20 years of Microsoft 365..I've never had to use...but I still feel the need. Even though 365's Azure has LAPS"(local administrator password solution) that can create/manage a local admin account of an AzureAD joined rig.

While 99.999% of my work is in the business IT world, I still have a bit of volume of the personal world...and Microsoft Personal accounts are similar....I've yet to see a drawback from using a Microsoft account to log in...and I see many advantages...things just work better like they should. And yes the comparison to an Apple account or a Google account...is legit.
 
But anyone who has "run out of existing email addresses" for an MS account has definitely been doing something wrong, and more than once.
She has only used one e-mail address as a MS account. I assume MS has scavenged her e-mails and determined that she owns the other accounts. When I went to register for Copilot, it (without prompting) listed for me all the mail accounts I have and had established my identity as owner of them.

The only thing she did wrong was to use a laptop whose drive became so corrupted that her password no longer worked. Multiple login attempts locked her account. She's adamant that her answer to the security question is correct. Hopefully, we will find a few recent messages that help confirm that she's the owner of the account and can get it back.
 
I assume MS has scavenged her e-mails and determined that she owns the other accounts.

I will bow out after this, but I still don't understand. I have multiple Microsoft accounts using a couple of different email addresses that have been mine for ages (not generated at the time of the MS-Acct creation).

You have worked with the client, so I'm not questioning you or your effort at all. What she's saying just doesn't pass my "sniff test" based on plenty of experience with MS-Accts, including recovering a few that have become locked out.

Not that you probably haven't seen this in the past, but for others reading this thread at some later time who are facing a locked MS-Acct: Microsoft Support - Account has been locked
 
Is a standard M365 account considered a Microsoft Account? And can it be used to login to a PC?

Someone reached out to me about trying to login to a computer using a MS account instead of a local account by using their username@domain.com from a recently setup M365 account but they get a message saying the account doesn't exist.
If they are at the login screen and it fails that means the computer has never used that email address. You need to have done that during OOBE. If your are past that then you will need to log into an admin account, local or domain, and add that cloud account in users to have it validated. If the machine is joined to the domain.com domain then you can just add it at login. So you need more details from them.
 
Back
Top