Fix Outlook AADSTS50053 Account Locked Out

Outlook or Teams shows error AADSTS50053 with message "Your account is locked" or "Sign-in blocked." Azure AD Smart Lockout has temporarily locked the account after too many failed sign-in attempts - 10 consecutive failures for public/China tenants, or just 3 for US Government tenants.

The Fix

Option 1: Self-Service Password Reset (Fastest)

If SSPR is enabled for your tenant:

Go to: https://passwordreset.microsoftonline.com
Complete identity verification
Reset your password

This immediately resets the lockout timer to zero.

Option 2: Wait It Out

Azure AD Smart Lockout automatically unlocks accounts. The lockout duration starts at 1 minute and increases with each subsequent failure. Just wait and try again with the correct password.

Option 3: Admin Unlock

If you are the admin or can reach one:

Entra ID Admin Center > Users > [Select User] > Reset Password

Or via PowerShell:

# Connect to Azure AD
Connect-MsolService

# Unlock the account
Set-MsolUser -UserPrincipalName user@domain.com -BlockCredential false

After Unlocking

Check Entra ID sign-in logs for the failed attempts. If you see IPs you do not recognize, the account may be under attack:

Entra ID > Sign-in logs > Filter by user > Look for Failure status

Consider enabling MFA if not already active, and disable legacy authentication protocols which are common attack vectors.

Prevention (Requires Azure AD P1)

Customize Smart Lockout settings:

Microsoft Entra admin center > Protection > Authentication methods > Password protection
Set custom Lockout threshold (1-50 attempts)
Set Lockout duration in seconds (5-18,000 seconds)

Verify

User can sign in normally. If lockouts keep happening, investigate sign-in logs for password spray attacks or legacy auth attempts from compromised credentials.