On Monday, April 27, 2026, millions of Microsoft 365 users were locked out of their email as Outlook suffered a widespread sign-in failure. Microsoft confirmed it was investigating a service degradation that caused intermittent login errors, unexpected sign-outs, and “too many requests” messages, and began testing a rollback of a recently introduced change to restore access. The disruption hit both consumer and enterprise accounts across multiple regions, peaking during the critical Monday morning business hours.

The Monday Morning Lockout

Reports of the outage began surging early on April 27, as European users were already well into their workday and North American businesses were just starting up. For many, the first sign of trouble was a sudden logout from Outlook on the web or the desktop client, followed by an inability to sign back in—even with valid credentials. Others encountered a blunt “too many requests” error, a message usually associated with rate limiting, not a routine login attempt.

According to a report by Computing UK, Microsoft’s service health dashboard acknowledged “higher error rates in at least two scenarios” and said engineers were “analyzing telemetry to determine mitigation steps.” The company quickly pointed to a “recently introduced change” as a likely culprit and began rolling it back to see if that would reduce customer impact. By mid-morning, some users regained access, but the recovery was uneven, with mobile clients and Apple’s Mail app remaining problematic.

A Closer Look at the Symptoms

The outage wasn’t a simple email blackout. Mail delivery itself continued, but users couldn’t authenticate to read it. This meant that the failure cascaded across the Microsoft 365 suite: calendars, Teams chats, SharePoint files, and even Copilot for Microsoft 365 became inaccessible whenever a sign-in token expired or was challenged.

The symptoms varied widely:

  • Unexpected sign-outs from existing sessions across web, desktop, and mobile.
  • Intermittent login failures with correct passwords, often accompanied by generic error codes.
  • “Too many requests” messages that made it seem like users—or attackers—were hammering the authentication servers.
  • Mobile mail apps (especially on iPhones) prompting users to re-enter passwords, only to reject them again.
  • Blank loading screens and stalled sync in Outlook desktop clients.

For IT helpdesks, the chaos was magnified. Each of these symptoms can have multiple causes: an expired token, a conditional access policy mismatch, a corrupted profile, or an actual credential compromise. Distinguishing a service-side outage from a local problem without clear communication from Microsoft became nearly impossible.

Home Users: Don’t Make Things Worse

If you’re a consumer using a free Outlook.com or Hotmail account, the instinct to fix the problem can actually prolong it. Here’s what you should do—and avoid—during a similar outage:

  • Check a trusted status page first. Sites like Downdetector or the official Microsoft 365 Status Twitter/X account often confirm issues before you waste time troubleshooting. If the service is degraded, no amount of password resets will help.
  • Do not repeatedly attempt to sign in. Each failed try can trigger additional rate limits, especially if “too many requests” already appears. Wait at least 15 minutes between attempts.
  • If you’re prompted for a password on your iPhone, just re-enter the existing one. The iOS Mail app sometimes loses cached credentials during authentication glitches. Re-entering the same password (not changing it) can restore the connection once Microsoft’s service stabilizes.
  • Use an already signed-in device if possible. If your tablet or a secondary computer still has an active session, avoid signing out. That session may be your only reliable access until the outage ends.
  • Stay alert for phishing. Major outages are a golden opportunity for scammers. Emails claiming to “restore your account” or “fix Outlook access” are almost certainly malicious. Never share passwords or recovery codes, and don’t click links in unsolicited messages.

For IT Administrators: Contain the Chaos

Enterprise and education admins faced a different challenge: hundreds of tickets, executive pressure, and no direct control over the fix. A disciplined response can prevent the outage from becoming a self-inflicted wound.

Before you do anything else

  1. Confirm the outage source. Navigate to the Microsoft 365 admin center health dashboard. Check for any active advisories or incidents under “Exchange Online” or “Microsoft 365 suite.” Compare the reported scope with what your users are experiencing.
  2. Identify affected client types. Are failures limited to web, desktop (Outlook classic or new Outlook for Windows), mobile, or all three? If only mobile clients are failing, the issue may be token-related rather than a full authentication outage.
  3. Broadcast a status update outside of email. Use Teams (if it’s still working), Slack, a company intranet, or even a text message service. Tell users: “We are aware of a Microsoft 365 sign-in outage. Do not reset your password. Check back in 30 minutes.”
  4. Freeze password resets. Instruct your helpdesk to pause all password reset requests unless there’s strong evidence of account compromise. A mass password reset during an outage can overwhelm your identity infrastructure and lock users out even after Microsoft recovers.
  5. Tag tickets for post-incident review. Create a single incident category for all outage-related tickets. This will help you filter out noise later and identify users who might still have lingering issues after the main fix.

When the outage drags on

  • Identify critical workflows that depend on Outlook. Can approvals be shifted to a backup system? Can customer service use an alternate platform? Have a plan for read-only access to shared mailboxes if needed.
  • Monitor Microsoft’s communication cadence. Look for updates that specify whether the issue is regional, tenant-specific, or client-specific. This information will help you decide whether to implement local workarounds (like switching to Outlook on the web if the desktop client is the only one affected).
  • Provide executives with a business-impact summary. Use plain language: “Approximately X% of staff cannot access email. Critical sales and support workflows are affected. We are following Microsoft’s guidance and will send another update by [time].”

Why This Happened: A Timeline of Trouble

The April 27 incident didn’t occur in a vacuum. Over the preceding months, Microsoft 365 experienced several reliability blips:

  • January 2026: Multiple service disruption reports hit the Microsoft 365 admin center, though without a single widespread root cause.
  • March 2026: A Windows 11 update caused sign-in failures across Teams, OneDrive, and Copilot—again tied to authentication plumbing. Microsoft had to issue an out-of-band fix.
  • April 2026 (before the 27th): Some users reported early signs of “too many requests” errors when accessing Outlook, but these were not initially recognized as a broad incident.

These events underscore a crucial shift in Microsoft’s architecture. Over the past decade, Outlook evolved from a standalone email client into a central node in the Microsoft 365 ecosystem. It now depends on a complex chain: Microsoft Entra ID for authentication, Exchange Online for mail, SharePoint and OneDrive for attachments, Teams for calendar integration, and Copilot for AI-driven summarization. A failure at the authentication layer can therefore shut down far more than email.

The “recently introduced change” that Microsoft began rolling back likely involved one of these backend components—perhaps a configuration update to Entra ID’s token service, a traffic management rule, or an optimization that behaved differently under Monday morning load. In cloud operations, such changes are routine, but their blast radius can expand quickly when they touch identity services that millions of clients rely on simultaneously.

Immediate Recovery Steps

As of midday on April 27, Microsoft’s rollback began to restore service for many, but not all, users. If you’re still stuck, try these steps in order:

  1. Wait 30 minutes after the rollback announcement. Throttling protections often have cooldown periods. If you’ve been hitting “retry” repeatedly, the system may still be blocking your IP or account.
  2. On a desktop, close and reopen the Outlook client completely. For Outlook on the web, sign out manually (if you can), clear browser cache, and then navigate to outlook.office.com fresh.
  3. On iPhone, go to Settings > Mail > Accounts, select your Outlook/Exchange account, and re-enter your existing password. Do not change it. Then open the Mail app and pull to refresh.
  4. If you still get “too many requests,” try from a different network. Sometimes, corporate network addresses get caught in broader rate limits. Switching to a mobile hotspot can bypass this temporarily.
  5. For admins, check the “Service Health” section of the Microsoft 365 admin center for a “Restoring Service” or “Mitigated” status. If the incident is listed as mitigated but users still have issues, open a support ticket referencing the incident ID and specify the client (iOS Mail, Outlook desktop, etc.).

What to Expect Next

Microsoft’s immediate priority was to stabilize the service, which it largely did by the end of the day. But the longer-term questions remain:

  • What was the exact change? Enterprise customers will look for a post-incident report (often called a Preliminary Post Incident Review) published through the admin center within 48 hours. It should identify the specific component and why existing safeguards failed to prevent the outage.
  • Will mobile recovery require manual intervention? Even after Microsoft fixed the backend, many iPhone users reported that their Mail app didn’t sync until they manually re-entered their password. IT teams should prepare guidance for mobile users, especially if the organization uses conditional access policies that require app-specific passwords.
  • How will Microsoft improve outage communication? The gap between what administrators see in the health dashboard and what end users experience remains wide. Microsoft has been testing more user-facing status messages inside the Outlook sign-in page, but this outage showed that many users still rely on social media and third-party outage trackers.

For IT professionals, this incident is a rehearsal for the next one. Review your incident response playbook, test your alternate communication channels, and ensure your helpdesk scripts distinguish between a local account problem and a Microsoft-side degradation. The goal isn’t to prevent every possible outage—that’s impossible in a cloud-first world—but to make sure that when one hits, your users know what’s happening and your support teams aren’t chasing ghosts.