Feb 12 2021
09:32 AM
- last edited on
Jan 14 2022
04:26 PM
by
TechCommunityAP
Feb 12 2021
09:32 AM
- last edited on
Jan 14 2022
04:26 PM
by
TechCommunityAP
Is it or will it be possible to use a FIDO2 key as an MFA token? (instead of passwordless signin)
Thanks!
Feb 12 2021 11:03 AM
Feb 12 2021 01:59 PM
Feb 12 2021 03:04 PM
Feb 13 2021 05:09 PM
Feb 14 2021 03:59 AM
Feb 14 2021 04:39 AM
Feb 14 2021 04:54 AM
>> I don't understand why you would want to get the OTP code otherwise, using passwordless auth is much simpler and more secure.
True, but we are facing some limitations where a security key with PIN would be an easy to use MFA token:
1. In some auth flows we don't see the option to use a security key to log on. (eg If you do a Connect-AzureAD you can use a github account, but you don't get an option to sign in using a security key.)
2. We want to our users to register for MFA. Those without a smartphone would be offered a yubikey. But apparently you can't register a security key unless you register another MFA method (authenticator/phone/email) first.
Bart
Feb 14 2021 05:11 AM
Feb 18 2021 03:06 PM
Mar 02 2021 01:50 PM - edited Mar 02 2021 01:52 PM