That’s correct. We assume that the inhibition threshold is much lower to forward the PIN in the new scenario vs. giving someone the password of their own account. Even then, if the account is protected using MFA, it is even harder to share “credentials” with other users.
With the current process, users in SharePoint can easily invite external users, and after the redeem process the external account is available in the AAD as a user of type “guest”. Having an AAD reference enables all the benefits of the introduced B2B collaboration features like additional MFA and AAD-based group membership.
Yes, there is the option to add external guests to an Office 365 group, but in most cases this is not the scenario my customers are looking for. Most scenarios only share specific folders with external users.
With the new model you are mixing models, and I think this is not easier to understand for users. One user already available in the AAD (because he was added to an Office 365 Group as a guest) will not use the PIN-based login, while another user accessing the same file/folder is using the PIN method because the user was not yet added to the AAD.