As Alex Simons announced this morning, we’re thrilled to share that, starting today, enterprises with hybrid environments can enable passwordless authentication using FIDO2 security keys for Azure Active Directory (Azure AD) joined and Hybrid Azure AD joined Windows 10 devices—supporting single sign-on (SSO) to both cloud and on-premises resources!
This was one of the biggest customer asks from the public preview of Azure AD support for FIDO2, and a capability that many of you have been eagerly waiting for.
Get started on your passwordless journey
To start using FIDO2 security keys with Azure AD or Hybrid Azure AD scenarios, simply follow these steps:
- Enable passwordless authentication in Azure AD admin portal, and enable your users to register and manage FIDO2 security keys:
- Enable your users to use FIDO2 security keys to sign in to their Windows 10 devices via Microsoft Intune or Group Policy.
- Ensure that you have met and deployed all the required components to enable SSO to your cloud and on-premises resources.
For resources on the benefits of passwordless, as well as solutions and strategies to help you in your passwordless journey, go to aka.ms/gopasswordless.