Bypass MFA with Temporary Access Pass

This is a guide on how to create a one time passcode to help a user on a first time login to Microsoft Authenticator, or to help a remote user gain access to their email when passwordless or phishing resistant MFA methods are temporarily unavailable.

Step 1: Login to Azure AD using this link: Users – Azure Active Directory admin center.

Step 2: Select a user.

Step 3: Select “Authentication methods” on the left pane.

Step 4: Select “Add authentication method” which is in the top pane of tabs.

Step 5: Under “Choose method” select “Temporary Access Pass.”

Step 6: Leave the default settings, or extend the duration if needed, then select “Add.”

The next time the user is prompted to log in, they will be asked for the temporary access pass instead of a password.