Fix “The sign-in name or password does not match one in the Microsoft account system” Error in SharePoint Online
Problem: Getting “The sign-in name or password does not match one in the Microsoft account system” Error in SharePoint Online.
Solution:
I’ve experienced this error in SharePoint Online PowerShell scripts a couple of times. This could happen in any PowerShell method like CSOM, SharePoint Online Management Shell Connect-SPOService, or PnP PowerShell Connect-PnPOnline cmdlet. Here are the possible causes and solutions:
- Your user name or password could be wrong (Obviously!). Check if you are able to log in using a web browser with the user name and password given in the PowerShell script.
- Your password may be expired, or your account may be locked out or disabled.
- Your saved password in the Windows credentials store could be incorrect or expired (especially when you use PnP PowerShell module Connect-PnPOnline to get credentials from the Windows Credentials store)
- Your account may be MFA (Multi-factor authentication) enabled! If yes, either MFA must be turned OFF or you have to follow the methods described in How to Connect to SharePoint Online with MFA-enabled accounts from PowerShell?
- When you are working with multiple tenants, make sure the supplied credentials match the given URL. E.g. If you are trying to connect to https://crescent.sharepoint.com, make sure you are providing username@crescent.com (or whatever is appropriate!) but not “username@someotherdomain.com” in SharePoint Online.
- Instead of using the User name and password, you can use App ID & Password: How to Connect to SharePoint Online using AppID and AppSecret in PnP PowerShell?
- Last but not least: You may have a conditional access policy setup in your environment! Exclude your user account from it or use PnP PowerShell.
Hello !
Thank you Salaudeen Rajack !
For me it was because of the Conditional Access Policy (to block legacy authentication).
Now my account can connect to SharePoint Online via PNP PowerShell again.
Cheers !
I found that if I had Conditional Access and Terms of Use set to come up for acceptance, that the user was forced to sign-on manually to avoid the error. Once I excluded that user from our Conditional Access, the script worked. (This is done in Azure AD; Conditional Access; Policies https://portal.azure.com/#blade/Microsoft_AAD_IAM/ConditionalAccessBlade/Policies)