Secureworks researchers found what they say is a serious vulnerability in an Azure Active Directory authentication method, but Microsoft says it should not pose a serious risk to users.

New Azure Active Directory password brute-forcing flaw has no fix Microsoft says AD authentication responses are working as intended.

It's an alternative to using Microsoft's Active Directory Federation Services (ADFS) or "other federation services to pass through claims to Azure AD," the announcement explained.

Detailed information on how to create, use, and delete temporary passcodes for Azure AD can be found in this Microsoft Docs support article.