MicrosoftHi All!
This Passwordless is GA isn't really true. There are scenarios that used to work but no longer work and the current situation is quite a step down from 2018...
1. TAP in OOBE is not an option. so how to set up a brand new PC out of the box? OOBE only offers password and FIDO2 key. WHen and how do you register your key on this computer? IF the computer is self deploying IE doesn't show any OOBE and jump traight to the login screen, provided web sign in is on you can here use a TAP to log in and then set up WHfB without a password, but this is NOT supported for dedicated Windows devices. Whats coming here to solve this?
2. Phone sign in in OOBE used to be a thing, but its NOT anymore. Well it is until the computer is done and show you the login screen. then you are reduced to using password, security key or web sign in which again now does NOT support phone sign in. THe flow is broken! So there is no way to use a TAP to set up phone singn in on a phone and then use passwordless to set up WHfB passwordless in OOBE on a new Windows device.
3. Passwordless sign in has been reduced to WHfB or security key on Windows where we could use web sign in before with phone sign in.
So what are the passwordless procedures to get through these scenarios on dedicated windows machines? The process is broken unless we can continue to use web sign in / Phone Sign in untill WHfB is set up.
