Microsoft Security

The benefits of MFA (Multi-Factor Authentication) are pretty obvious and this should be enabled everywhere and every time.

However, as an admin, you quite often have to log in as a user in order to troubleshoot yet another issue, and in those cases, MFA can be a right pain in the backside...



Often recommended way to temporarily disable MFA / Second Factor Authentication for a single user is to use Condition Access (Microsoft Entra Admin Centre > Protection > Conditional Access). Unfortunately, this requires a Microsoft Entra Premium license and not all organisations have this.

Another way to temporarily bypass MFA is to use the Temporary Acces Pass:

  • First of all, make sure that Temporary Access Pass authentication method is enabled for all (or relevant) users in Microsoft Entra Admin Centre > Identity > Protection > Authentication Methods.
  • Navigate to Microsoft Entra Admin Centre > Identity > Users > All Users > [User Name] > Authentication Methods > Add authentication method > Temporary Access Pass > Add.
    This will generate a temporary access password.
  • Go to and try to log in as the end user. You will be prompted to enter the Temporary Access Pass.
    Temporary Access Pass


October 2023
Microsoft Office 365
Exchange Online

No comments

Leave your comment

In reply to Some User
Captcha Image