Temporary Access Pass is the new feature of Microsoft services to log in without passwords: this is how it works



Microsoft is working to fulfill its promise to offer services to its customers and users. without the need to enter passwords. According to the spokesmen of the brand they have announced during their Ignite event that takes place these days, it is now ready in "preview" mode Temporary Access Pass technology at the moment for Azure Active Directory. This allows you to register for new services without having to generate a password. To do this, a short-lived, unique access code is provided that a company's tech managers can send to users to log in.


Instead of a password, which is characterized by always having to be used, this pin is for single use. As well would serve to regain access to the account in the event of a problem, such as the loss of the phone that is used to access it. The technology is already in preview mode for the general public.




What Temporary Access Pass does is offer "a limited duration access code that can be used to configure the security keys and Microsoft Authenticator without the user having to use or remember any password", as explained by Alex Simons, Corporate Vice President Program Management in the company. That code has a limited time.



Azure Active Directory will also be accessible without a password




Re4csqy



Another great novelty is that Azure Active Directory o Azure AD, the cloud-based service that customers can use to manage their employees' login tasks, has other ways to login without using passwords.



The service allows employees to substitute their passwords for biometric logins using Windows Hello for Business, FIDO2-based security keys or authentication applications supported from Microsoft Intelligent Security Association (MISA) partners, such as Feitian, Yubico, Authen Trend and others. Yubico's YubiKey hardware is now compatible with this cloud service.



At the end of last year the company already announced that it was imagining a 2021 where passwords would lose importance and that happens through the launch of new tools to manage FIDO2 security keys and the construction of a convergent registration portal "in which all users can seamlessly manage credentials without password through the My Apps portal ".



Codes instead of passwords: a Microsoft idea that is not new




password pin



Regarding the announcement of Temporary Access Pass, it may be striking that Microsoft advocates a code rather than a password. But you have to remember that the Redmond firm already began to speak in 2019 to have "passwordless" devices, that is, free passwords through your Windows Hello, and that one of the alternatives to these is the use of a PIN.







Tips for creating and remembering a good password





Isn't a PIN a short numeric password? How can that be more secure than a complex password? As Microsoft detailed, A PIN for Windows Hello offers the security advantage that this number is serverless, that is, that password is not stored on Microsoft's servers, and therefore it is not susceptible to a security breach that they may suffer. Everything, regardless of how complex or simple the numerical combination may be.



Industry Advances in Password-Free Internet Usage




password



Microsoft's new announcements follow a trend that is gaining momentum in the industry: access to services without the need to enter passwords, while other authentication systems such as biometrics are being developed: we have as examples the aforementioned Windows Hello or Apple's Face ID. Or also like the hardware of security keys (security keys) like the YubiKeys of Yubico.



As Cnet recalls, the big problems with passwords are the wrong choice of the combination of numbers and letters (sometimes very simple and very easy for hackers to decipher), that we reuse them and that we often forget them. In addition to the risk that the service company may suffer security breaches that expose the passwords it hosts. In fact, the security site, Have I Been Pwned, has counted more than 613 million stolen passwords.



The Ignite conference, held this year between March 2 and 4, and only online due to the COVID-19 pandemic, is aimed at professional users in the tech sector and other technicians who use Microsoft products.