The most uncomfortable part is their log in. The amount of re-directs and glitches there are insane. Its hard to believe that it works as intended.
As an example, for some reason I could not download the BAA because trying to download it lead to a login loop on their trust website, while I was still able to see the Azure console ok in the same browser.
When I signed out of my Azure account to try if a fresh login helped, it did not trigger my 2FA at the next login. In my mind, if I actively logged out from a browser window, I withdraw my trust in that device. So not being triggered for 2FA is a massive red flag.
(no I still could not download the BAA, nor file a ticket for it, but somehow a colleague could download it ok.)
I opened bug with the Microsoft Premier support and they told me that this works as intended.
So when Microsoft says, it works as intended, it can still be bugged to hell and back. They just don't care.