I’m excited to announce the public preview of Azure AD support for FIDO2 security keys in hybrid environments. Users can now use FIDO2 security keys to sign in to their Hybrid Azure AD joined Windows 10 devices and get seamless sign-in to their on-premises and cloud resources. Since the launch of the public preview of FIDO2 support for Azure AD joined devices and browser sign ins, this has been the top most requested feature from our passwordless customers.
We all know that passwords are no longer effective in protecting customers from cybersecurity threats. In fact, compromised passwords are the most frequent cause of enterprise security breaches. Alternatively, passwordless authentication using advanced technologies like biometrics and public/private key cryptography provides a convenient, easy to use experience and world class security.
With the expansion of FIDO2 support to Hybrid environments, we offer seamless sign-in to Windows devices and virtually unphishable access to on-premises and cloud resources, using a strong hardware-backed public/private-key credential.
Our customers shared that simpler deployments are essential for a successful passwordless journey. We took their feedback seriously and enabled FIDO2 security keys for your hybrid environment requires only three deployment components:
To get started on your FIDO2 journey, you need to:
Additionally, we’re excited to share additional hardware options for FIDO2 security keys from our Microsoft Intelligent Security Association partners. Ensurity Technologies now offers the Thin-C USB key with storage, eWBM Inc. has a new Goldengate USB-C key, and Thales announced Azure AD passwordless sign-in integrations with its PKI-FIDO smartcard. See the full listing of tested compatible devices.
To get started on your passwordless journey, visit Go passwordless.
As always, we love to get your feedback and suggestions! Let us know what you think in the comments below.
Alex Simons (@Alex_A_Simons)
Corporate VP of Program Management
Microsoft Identity Division
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.