The First Step to Passwordless with Temporary Access Pass

 Passwordless authentication options, like FIDO2 and passwordless phone sign-in via the Microsoft Authenticator app, provide users with a secure way to log in without using a traditional password. Users have two primary avenues to initiate these Passwordless methods:

• Leveraging existing Microsoft Entra multifactor authentication methods.
• Employing a Temporary Access Pass (TAP)

A Temporary Access Pass is a time-bound passcode that allows users to sign in with this temporary code to onboard to passwordless authentication methods, such as phone sign-in with an authentication app or FIDO2 with Windows Hello for Business.

Enable Temporary Access Pass (TAP)

1. Sign in to Entra ID Portal (Former known as Azure AD portal) 

    6. Then Enable and select Configure

Create a Temporary Access Pass for User

1. Navigate to user account on the Entra Portal - Identity > Users

3. select Authentication methods

Share the Details with User. 

Sign-in experience on the End-user

From here, you can add your authentication method, such as FIDO2.

Admin Portal experience 

In the Admin center, we can see the details of the created Temporary Access Pass, and if it has expired, we can also see that.