Microsoft Secure Tech Accelerator
Apr 03 2024, 07:00 AM - 11:00 AM (PDT)
Microsoft Tech Community
SOLVED

How to set passwordless authentication for new user in company

Copper Contributor

Hi, 

 

In case of new user that join the company . How to set a passwordless authentication for the firs time logon experience?

 

My scenario is: 

  • User was created in Active directory (With random password)
  • Replicated in Azure AD with AD connect (Password Hash)
  • New laptop with autopilot profile Hybride Azure Ad domain join and Windows hello for business strategy

How i can deal with zero password for the new user?

 

Thanks

2 Replies
best response confirmed by julien_Gfi (Copper Contributor)
Solution

@julien_Gfi The user will have to use the password once. If enabled, the user than goes through the Windows Hello for Business wizard to provide a PIN. Since the pin is thight to the device, you cannot set up the PIN for the user. 

 

For Azure AD/Office passwordless sign-in, users need to register first using https://aka.ms/mfasetup. When enabled, users can register Microsoft Authenticator and enable phone-sign in afterward or add FIDO2 keys to sing-in wihouth passwords.

1 best response

Accepted Solutions
best response confirmed by julien_Gfi (Copper Contributor)
Solution

@julien_Gfi The user will have to use the password once. If enabled, the user than goes through the Windows Hello for Business wizard to provide a PIN. Since the pin is thight to the device, you cannot set up the PIN for the user. 

 

For Azure AD/Office passwordless sign-in, users need to register first using https://aka.ms/mfasetup. When enabled, users can register Microsoft Authenticator and enable phone-sign in afterward or add FIDO2 keys to sing-in wihouth passwords.

View solution in original post