
FIDO2 (YubiKey) + multiple Identities on one Key + AAD Joined Windows Sign In


Hi all,


I am deploying full passwordless sign-in in many On Prem AD, AAD and hybrid environments in the meantime. When using FIDO sign-in at an AAD joined Windows machine for user sign-in and the FIDO key used has two or more AAD identities, Windows is always signing in with the last identity added.



  1. Adding FIDO key to user 1 via MySignins
  2. Adding FIDO key to user 2 via MySignins
  3. Sign into Windows Computer with user01 and use Sign in via Security Key
  4. Windows is signing in as user02

This is 100% reproducible. Also, I often see the sign-in screen switching to "Other User", even if only one identity is deployed on the Security Key.

I wonder if this is a bug or a feature, or if I am doing anything wrong?



