Windows LAPS (Local Administrator Password Solution) provides centralized, simple and secure management of local administrator passwords in Microsoft Intune. Each device receives its own temporary administrator password. Windows LAPS automatically manages the administrator passwords in terms of expiration and rotation. Local administrator passwords are stored in either Azure Active Directory or local Active Directory.

Windows LAPS thus offers, for example, higher protection against pass-the-hash and lateral traversal attacks.