Forum Discussion
Users capable of passwordless authentication show incorrect staff numbers
Hi All,
I set up Passwordless Authentication, as follows:
Endpoint Manager
Devices
Config Profile
Identity Protection
Added devices to Test Group in stages
Applied to devices and staff can now use WHFB to log in on work laptops
This works well. However, I wanted to check easily who hadn't had the profile applied. I was going into Azure Sign-in logs and checking staff for login authentication but thought there must be an easier report to use.
Found the Azure Authentication Methods-Activity report and this shows only 4 out of 53 Users are capable of passwordless authentication - I can't understand this, as on the same screen it shows all devices registered as WHFB in the graph below. The screenshot only shows a few examples but the
list goes down all showing not capable.
For the 4 devices it says are capable of passwordless authentication, I cannot see any difference to those listed as not. Every other device is logging in using Business Hello (bar 1 in the screenshot as haven't added to the WHFB group yet)
Just wondered why there is a discrepancy in what is being reported.
Thanks,
Darren
1 Reply
Its a Limitations of MFA Registration Details and Reset Event Reports
Even though MFA Registration Details and Reset Event Reports provide great assistance, there are some notable lags too.
- Dashboard does not display the PhoneAppNotification and PhoneAppOTP methods that a user might have configured.
- Data in the report is not updated in real-time and may reflect a delay of a few hours.
- Reports don’t come up with graphical representation for a better understanding.
- Scheduling can’t be done in MFA registration reports.
