all InfoSec news
I’d TAP That Pass
Malware Analysis, News and Indicators - Latest topics malware.news
Summary:
Given that:
- Temporary Access Passes (TAP) are enabled in the Azure AD tenant
AND - You have an authentication admin role in Azure AD
You can assign users a short lived password called a Temporary Access Pass (TAP) that satisfies most multi-factor authentication requirements implemented in Azure AD conditional access without alerting the user or modifying their existing password. In addition, you can take advantage of the OAuth on-behalf-of (OBO) flow to maintain access to the target account, even after …
access account addition alerting authentication azure azure ad called conditional access expired factor flow microsoft multi-factor multi-factor authentication oauth password requirements role target tokens valid