Microsoft today announced the public preview of Azure AD support for FIDO2-based passwordless sign-in. With this support, thousands of enterprises with Azure Active Directory as their identity management platform can easily go passwordless. As passwords are no longer an effective security method, this new support marks a significant step towards the future. After enterprises enable this feature, users can sign in using a FIDO2 security key, the Microsoft Authenticator app, or Windows Hello. Microsoft is now rolling out the following features in preview to its Azure AD customers:
- A new Authentication methods blade in your Azure AD admin portal that allows you to assign passwordless credentials using FIDO2 security keys and passwordless sign-in with Microsoft Authenticator to users and groups.
- Updated capabilities in the converged Registration portal for your users to create and manage FIDO2 security keys.
- Ability to use FIDO2 security keys to authenticate across Azure AD-joined Windows 10 devices on the latest versions of Edge and Firefox browsers.