Hi everyone, welcome to my blog where I share tips and tricks on how to use Azure Active Directory (AD) for your business. In this post, I’m going to talk about a new feature that was recently announced: Temporary Access Pass.
What is Temporary Access Pass?
Temporary Access Pass is a time-limited passcode that you can use to sign in to Azure AD without a password and set up passwordless authentication methods, such as FIDO2 security keys or Microsoft Authenticator app. This is useful for scenarios such as:
- Onboarding new users who don’t have a password yet and want to go passwordless from day one.
- Recovering access to your account if you lose or forget your passwordless authentication devices.
- Enrolling in passwordless authentication methods if you don’t have an existing MFA method.
How to use Temporary Access Pass?
To use Temporary Access Pass, you need to have it enabled and configured by your administrator. They can set up the policy for Temporary Access Pass, such as who can use it, how long it lasts, and how many times it can be used. They can also create a Temporary Access Pass for you and send it to you via email or SMS.
Once you have a valid Temporary Access Pass, you can use it to sign in to Azure AD by entering your username and the passcode. Then, you will be prompted to register a passwordless authentication method of your choice. You can choose from FIDO2 security keys, which are physical devices that you plug into your computer or tap on your phone, or Microsoft Authenticator app, which is a mobile app that lets you sign in with a notification or a code.
After you register a passwordless authentication method, you can use it to sign in to Azure AD without a password from then on. You can also register more than one passwordless method for backup purposes. You can manage your passwordless methods from the My Security Info page in Azure AD.
Why should you use Temporary Access Pass?
Temporary Access Pass is a great way to enhance your security and convenience when using Azure AD. By using passwordless authentication methods, you can protect your account from phishing, credential theft, and password spray attacks. You also don’t have to remember or reset passwords anymore, which saves you time and hassle.
Temporary Access Pass is also a great way to onboard new users who want to go passwordless from the start. They don’t have to create or use a password at all, which reduces the risk of password compromise and improves the user experience.
Temporary Access Pass is now in public preview, so you can try it out today and see how it works for you.
Thanks for reading and stay tuned for more Azure AD tips!