Blogs about: Microsoft Teams, backgrounds, Intune, OneDrive, Exchange, Azure AD, Windows 10, Security, Tenant, Exchange, best-practice, tips and & tricks

Manage app passwords for legacy applications - Multi-factor authentication

Sometimes you need an app password to allow a specific application to log into a mailbox without an MFA. This can be done through the steps below.

When using app passwords, it is important to remember:

  • App passwords are automatically generated and must be created and entered once per app.
  • There is a limit of 40 passwords per user. If you try to create one after that limit, you will be prompted to delete an existing password before you can create the new one.

Use My Sign-Ins to log into the security settings

Browse to: https://account.activedirectory.windowsazure.com/Proofup.aspx or to: My Sign-Ins (microsoft.com)

Press "Add Method"


Next, choose App Password


Give the application a clear name


Copy the password for use in the legacy application


App passwords are discouraged!

  • Using an app password is less secure than logging in via Multi-factor authentication. Still, it is possible to provide a password to log in directly.
  • Never use app passwords to log into regular applications!

Also read

Basic Authentication for Microsoft Exchange will cease as of Oct. 21, 2022
Making your organization more secure in one click with Azure AD Security Defaults
How to activate Multi-Factor Authentication (MFA) in Office 365?
Microsoft Teams security must-haves in 4 steps
Enable Azure Active Directory Self-Service Password Reset (SSPR)

Source: Manage app passwords for two-step verification (microsoft.com)

About the author

Tagged: , ,
0 0 vote
Article review
Please let us know if there are

Inline feedbacks
See all comments
Would love to know your thoughts, please leave a comment.x