Home Blog Time To Go Passwordless With The FIDO2 Security Keys Support In Azure AD

Time To Go Passwordless With The FIDO2 Security Keys Support In Azure AD

 2019/08/06   Microsoft Cloud Solutions   1303 visit(s)


With the announcement the public preview of for FIDO2-based passwordless sign-in, Microsoft is allowing thousands of enterprises using Azure Active Directory as their identity management platform to easily go passwordless.

As passwords are no longer an effective security method, this new support marks a significant step towards the future. After enterprises enable this feature, users can sign in using a FIDO2 security key, the Microsoft Authenticator app, or Windows Hello. Microsoft is now rolling out the following features in preview to its Azure AD customers:

Why do we feel so strongly about passwordless?

Every day, more and more of our customers move to cloud services and applications. They need to know that the data and services stored in these services are secure. Unfortunately, passwords are no longer an effective security mechanism. We know from industry analysts that 81 percent of successful cyberattacks begin with a compromised username and password. Additionally, although traditional MFA is very effective, it can be hard to use sometimes.

It’s clear Microsoft needs to provide our customers with authentication options that are secure and easy to use, so they can confidently access information without having to worry about hackers taking over their accounts.

This is where passwordless authentication comes in. We believe it will help to significantly and permanently reduce the risk of account compromise.

Now, all Azure AD users can sign in password-free using a FIDO2 security key, the Microsoft Authenticator app, or Windows Hello. These strong authentication factors are based off the same world class, public key/private key encryption standards and protocols, which are protected by a biometric factor (fingerprint or facial recognition) or a PIN. Users apply the biometric factor or PIN to unlock the private key stored securely on the device. The key is then used to prove who the user and the device are to the service. 

Now let's get started!

To help you get started on your own passwordless journey, this week Microsoft's rolling out a bonanza of public preview capabilities. These new features include:

  • A new Authentication methods blade in your Azure AD admin portal that allows you to assign passwordless credentials using FIDO2 security keys and passwordless sign-in with Microsoft Authenticator to users and groups.

Microsoft's passwordless strategy

Microsoft's passwordless strategy is a four-step approach where we deploy replacement offerings, reduce the password surface area, transition to passwordless deployment, and finally eliminate passwords:

Need any help throughout your journey of adapting a passwordless strategy? get in touch with Ctelecoms experts!

This blog was originally written by Alex Simons.

Search the Blog

Subscribe Blog



IT & Cyber-Security Solutions

Best-in-class cyber security solutions to ...


Microsoft Cloud Solutions

Explore Ctelecoms extensive selection of ...


Datacenter Solutions

Solve issues, streamline operations, promote ...


Cloud Backup & Disaster Recovery Solutions

Keep your data, apps, emails and operations ...


Computing & Hyper-converged Infrastructure Solutions

Take your IT infrastructure to the next level ...


Unified Communications & Networking Solutions

Ensure you are securely connected with all ...


Meraki Networking Solutions

Quickly deploy a reliable, secure, cloud-managed ...