Today, Yubico celebrates an important milestone in the evolution of modern authentication. YubiKey passwordless authentication is now generally available to Microsoft’s Azure Active Directory (Azure AD) users, a critical step towards achieving better security without compromising usability. The YubiKey 5 Series is your “bridge to passwordless” enabling strong authentication across existing Microsoft environments and modern cloud-based infrastructures like Azure AD. Go passwordless with Azure AD!
Nearly three years ago, Yubico started on this journey with Microsoft and brought the first FIDO2-enabled security key to the market. Today’s announcement highlights our commitment to continue delivering trust at scale.
What does “passwordless general availability” mean?
With the general availability of passwordless login for Azure AD, admins can now enable a passwordless login flow for their users with a variety of authentication options including: Windows Hello, Microsoft Authenticator App, and FIDO2 security keys, like YubiKeys. Once enabled, enrolling, adding, and removing YubiKeys is a self-service process for employees.
End-users can experience passwordless authentication with a YubiKey to log in to:
- Microsoft 365 web apps on the Chrome (version 66 and above) and Edge (version 1903 and above) desktop browsers
- Enterprise applications federated with Azure Active Directory
- Windows 10 devices (version 1909 and above) joined to Azure Active Directory
- Windows 10 devices (version 2004 and above) joined to a hybrid Active Directory
“Now with broad support for FIDO2 standards, our customers can provide an authentication experience for their users that is effortless, cross platform, and highly secure,” said Alex Simons, Corporate Vice President of Program Management, Microsoft Identity Division. “We are happy to be part of a collaboration with Yubico in our joint effort to move beyond passwords and provide more secure environments for today’s workforce.”
Which YubiKeys support passwordless authentication with Azure Active Directory?
Many YubiKeys support Microsoft’s passwordless authentication, including the flagship YubiKey 5 Series, and the Security Key NFC by Yubico.
The YubiKey 5 Series is Yubico’s line of multi-protocol keys designed for enterprises and prosumers. These keys support FIDO2, along with five other authentication protocols, on one device: FIDO U2F, PIV (smart card), OTP (one-time password), OpenPGP, and static password. This enables YubiKey 5 Series keys to serve as a “bridge to passwordless” as they provide strong authentication across existing environments and modern environments like Azure AD. The YubiKey 5 Series comes in a variety of form factors and can connect via USB-A, USB-C, Lightning, and near-field communication (NFC).
The Security Key NFC by Yubico is a FIDO-only authentication device and supports both USB-A and NFC connections. The upcoming YubiKey Bio is also a FIDO-only authentication key that will support passwordless authentication in Microsoft environments using USB-A or USB-C connections. The YubiKey Bio is currently in private preview and you can register here to get updates.
For the whole article – click here
To buy your own YubiKey in South Africa – click here