Authentication Features
Focus
Focus
Next-Generation Firewall

Authentication Features

Table of Contents

Authentication Features

Learn more about new authentication features in PAN-OS 12.1.

Passwordless Authentication for Kerberos-Protected Applications

August 2025
  • Introduced for the following platforms using PAN-OS 12.1.2:
    • PA-7500
    • PA-5450
    • PA-5400 Series
    • PA-3400
    • PA-1400
    • VM-Series
Repeated authentication requests can interrupt workflows and diminish user productivity. The experience of continuously having to log in multiple times after a successful initial authentication is often frustrating to users. To simplify the authentication process and reduce user friction, enable passwordless authentication for users in your network.
Passwordless authentication uses the firewall to delegate a ticket on the behalf of the authenticated user, so that users have to log in to authenticate only once. After successfully authenticating, they can access any of the apps that the authentication server manages until the authentication period expires without having to log in again.
Passwords are one of the most common factors in data breaches and malicious actors are continuously finding new ways to fraudulently obtain these credentials every day. However, many enterprise applications still require passwords. Passwordless authentication helps to remove some of the burden for your users of having to remember and update passwords for critical applications. This assists in reducing the attack surface for your network and improving your overall security posture.
With passwordless authentication, users just have to log in one time to authenticate, and then they can easily switch between multiple apps without having to reauthenticate immediately. By reducing the number of times users have to log in, you can help to simplify the user authentication experience and improve the security of your network.