I realize that this is a very basic question. I even feel that I already have the answer but I would like to confirm with you anyway. We are looking to implement Multi Factor unlock. Is it correct to say that Multi factor unlock is part of Windows Hello for Business, and as such, requires that WHfB has been implemented according to one of the deployment models documented in the Windows Hello for Business docs (e.g. Windows Hello for Business Deployment Overview - Windows Security | Microsoft Learn)? Vice versa, it is not correct to say that Microsoft's Multi Factor unlock is can be implemented just by activating e.g. via in GPO while the parts that are mentioned in the WHfB deployment models are not in place. Right? Thank you very much in advance for any input on this matter.
Hi Multi-factor Unlock is an enhancement of Windows Hello for Business, which is a requirement to have in place to be able to use it. We are looking at it right now with Intune managed Notebooks. The config profile which needs to be configured is pretty straight forward.