Forum Discussion
FIDO2 token or other hardware tokens for combined MFA/SSPR Registration?
This link says FIDO2 security keys are an available choice for combined registration:
However, I can't find any way to set either FIDO2 security key or mobile app code-only for SSPR. Mobile app code SSPR option is requiring setting up a second SSPR option such as SMS. I don't see any option to add FIDO2 security keys or hardware tokens for SSPR at all.
We want to set users up so their options for MFA and SSPR are just authenticator app OTP codes (if the user uses a smart phone) or FIDO2 tokens (if they don't use a phone). We don't want SMS, email or security questions enabled at all even as a secondary option.
2 Replies
KalimanneJ SSPR does not support FIDO2. Check https://learn.microsoft.com/en-us/entra/identity/authentication/concept-sspr-howitworks#authentication-methods or https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-methods#how-each-authentication-method-works
KalimanneJ Have you ever found a solution for this?
