cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Users capable of passwordless authentication show incorrect staff numbers

CopeStarr
Copper Contributor

‎Nov 16 2022 04:02 AM - edited ‎Nov 16 2022 04:05 AM

‎Nov 16 2022 04:02 AM - edited ‎Nov 16 2022 04:05 AM

Users capable of passwordless authentication show incorrect staff numbers

Hi All,

 

I set up Passwordless Authentication, as follows:

 

Endpoint Manager

Devices

Config Profile

Identity Protection

Added devices to Test Group in stages

Applied to devices and staff can now use WHFB to log in on work laptops

 

This works well. However, I wanted to check easily who hadn't had the profile applied. I was going into Azure Sign-in logs and checking staff for login authentication but thought there must be an easier report to use. 

 

Found the Azure Authentication Methods-Activity report and this shows only 4 out of 53 Users are capable of passwordless authentication - I can't understand this, as on the same screen it shows all devices registered as WHFB in the graph below. The screenshot only shows a few examples but the

list goes down all showing not capable.

 

Screenshot_20221116_115121.png

Screenshot_20221116_115243.png

 

For the 4 devices it says are capable of passwordless authentication, I cannot see any difference to those listed as not. Every other device is logging in using Business Hello (bar 1 in the screenshot as haven't added to the WHFB group yet)

 

Just wondered why there is a discrepancy in what is being reported.

 

Thanks,

Darren

Labels:
1,031 Views
0 Likes
1 Reply
Reply
1 Reply
umesawan

‎Feb 12 2023 03:04 AM

‎Feb 12 2023 03:04 AM

Re: Users capable of passwordless authentication show incorrect staff numbers

@CopeStarr 

Its a Limitations of MFA Registration Details and Reset Event Reports 

Even though MFA Registration Details and Reset Event Reports provide great assistance, there are some notable lags too.  

  • Dashboard does not display the PhoneAppNotification and PhoneAppOTP methods that a user might have configured.  
  • Data in the report is not updated in real-time and may reflect a delay of a few hours. 
  • Reports don’t come up with graphical representation for a better understanding. 
  • Scheduling can’t be done in MFA registration reports. 
0 Likes
Reply