Although this works pretty well (check out this blog post by Oktay), we have a new kid on the block now: FIDO2 security keys.įIDO2 security keys can be used for a passwordless experience in Azure AD, where it replaces the password entirely. The everlasting questionĭuring every Azure MFA implementation I got the same question over and over again: What if the user doesn’t want to use their (personal) mobile phone for verification? Up until now, OATH hardware token was the only option here. Now, I was surprised to see FIDO2 security key popping up in this list. Take a look at this list of supported authentication methods, and notice that passwordless methods can also be used as a form of verification for Azure AD Multi-Factor Authentication: This news seems to be kept under the radar a little bit, but I wanted to point out a new feature in Azure AD that might help out some organizations with their Azure MFA implementations.
0 Comments
Leave a Reply. |