Nov 16 2022 04:02 AM - edited Nov 16 2022 04:05 AM
Hi All,
I set up Passwordless Authentication, as follows:
Endpoint Manager
Devices
Config Profile
Identity Protection
Added devices to Test Group in stages
Applied to devices and staff can now use WHFB to log in on work laptops
This works well. However, I wanted to check easily who hadn't had the profile applied. I was going into Azure Sign-in logs and checking staff for login authentication but thought there must be an easier report to use.
Found the Azure Authentication Methods-Activity report and this shows only 4 out of 53 Users are capable of passwordless authentication - I can't understand this, as on the same screen it shows all devices registered as WHFB in the graph below. The screenshot only shows a few examples but the
list goes down all showing not capable.
For the 4 devices it says are capable of passwordless authentication, I cannot see any difference to those listed as not. Every other device is logging in using Business Hello (bar 1 in the screenshot as haven't added to the WHFB group yet)
Just wondered why there is a discrepancy in what is being reported.
Thanks,
Darren
Feb 12 2023 03:04 AM
Even though MFA Registration Details and Reset Event Reports provide great assistance, there are some notable lags too.