TobiK
May 22, 2023

FIDO2 (YubiKey) + multiple Identities on one Key + AAD Joined Windows Sign In

Hi all,

I am deploying full passwordless sign-in in many on-prem AD, AAD and hybrid environments in the meantime. When using FIDO sign-in at an AAD joined Windows machine for user sign-in, and the FIDO key used has two or more AAD identities, Windows always signs in with the last identity added.

Example:

  1. Adding FIDO key to user 1 via MySignins
  2. Adding FIDO key to user 2 via MySignins
  3. Sign into Windows Computer with user01 and use Sign in via Security Key
  4. Windows is signing in as user02

This is 100% reproducible. Also, I often see the sign-in screen switching to "Other User", even if only one identity is deployed on the security key.

I wonder if this is a bug or a feature, or if I am doing something wrong?

Thanks

Tobi
