Excellent updates. Is there anything in the pipeline for Windows Hello for Business to be able to select from multiple identities on FIDO2 keys on login with Azure AD-joined devices, similar to how you can select from a list of associated identities with web authentication if you have a key on multiple accounts with different permission levels? With the keys we are using, it seems to only use the last one associated to a key, with no similar selector today at pre-login.
Also, is there anything on the roadmap for being able to use FIDO2 security keys during UAC privilege escalation? At present it looks like WHfB will auth initial login via security key, but when running a standard account normally and looking to elevate as admin or run as another user for some app/action, UAC has no logic to use a FIDO2 security key for that action/authentication. Seems like there is some logic for WHfB to use a local PIN for UAC prompts, but that's only a per-machine option when pre-set per admin per system.