Blog Post

Core Infrastructure and Security Blog

10 MIN READ

How-to: Password-less FIDO2 Security Key Sign-in to Windows 10 HAADJ Devices

Microsoft

Jun 03, 2020

Hello everyone, my name is Liju and I am a Premier Field Engineer specializing in Active Directory and Azure AD. Fido2 support for single sign-on (SSO) was introduced first for cloud resources, and...

Updated Jun 03, 2020

Version 5.0

LijuVarghese

LijuV

Microsoft

Joined January 08, 2019

View Profile

Core Infrastructure and Security Blog

Follow this blog board to get notified when there's new activity

jameswonderguy

Copper Contributor

Mar 01, 2024

Hi LijuV,

We have a requirement to enable passwordless authentication.

FIDO2 security key

As per the link below, the 1st requirement for FIDO2 security key based passwordless authentication is Multi-Factor Authentication. MFA cannot be met because the users are only provisioned with desktops. They do not have email access or a mobile phone for a 2nd factor as they are not allowed to.

https://learn.microsoft.com/en-us/entra/identity/authentication/howto-authentication-passwordless-security-key

Windows Hello for Business

Plus, the users would use shared desktops, so it appears from the below link that Windows Hello for Business is not an option either.

https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-passwordless

Our objective is go passwordless. Can it be achieved under such circumstances?

Thanks!

James