Microsoft has been touting the benefits of ditching traditional passwords and has been working with FIDO for a few years to bring password-free solutions to both, enterprises as well as consumers. As part of that efforts, the firm brought about support for FIDO2 security keys in Azure Active Directory (Azure AD) last year.
Today, the Redmond giant is taking another step in expanding the password-less authentication narrative by introducing the public preview of support for FIDO2 security keys for Azure AD joined devices and resources in hybrid environments. The firm states that support for such devices has been the top request from customers that use password-less authentication.
The firm also adds that since customers’ feedback suggests that they appreciate simpler deployments of such functionality, the deployment of FIDO2 security keys for hybrid environments requires only three deployment components. They include:
- Windows Server patch for Domain controllers (Server 2016/Server 2019).
- Windows Insider Builds 18945 or later for PCs.
- Version 1.4.32.0 or later of Azure AD Connect.
In addition to the launch of the public preview, the company also announced the availability of a few new FIDO2 security keys from its partners. They include the Thin-C USB key with storage from Ensurity Technologies and the Goldengate USB-C key from eWBM Inc. You can head here for the full list of compatible devices. Additionally, you can head to the documentation here for the configuration of devices, enabling single sign-on (SSO), and more information.