{"id":96416,"date":"2019-07-10T16:18:12","date_gmt":"2019-07-10T16:18:12","guid":{"rendered":"https:\/\/news.microsoft.com\/?p=433575"},"modified":"2019-07-10T16:18:12","modified_gmt":"2019-07-10T16:18:12","slug":"announcing-the-public-preview-of-azure-ad-support-for-fido2-based-passwordless-sign-in","status":"publish","type":"post","link":"https:\/\/sickgaming.net\/blog\/2019\/07\/10\/announcing-the-public-preview-of-azure-ad-support-for-fido2-based-passwordless-sign-in\/","title":{"rendered":"Announcing the public preview of Azure AD support for FIDO2-based passwordless sign-in"},"content":{"rendered":"

Howdy folks,<\/p>\n

I\u2019m thrilled to let you know that you can now go passwordless with the public preview of FIDO2 security keys support in Azure Active Directory (Azure AD)! Many teams across Microsoft have been involved in this effort, and we\u2019re proud to deliver on our vision of making FIDO2 technologies a reality to provide you with seamless, secure, and passwordless <\/strong>access to all your Azure AD-connected apps and services.<\/p>\n

In addition, we turned on a new set of admin capabilities in the Azure AD portal that enable you to manage authentication factors for users and groups in your organization. In this first release, you can use them to manage a staged rollout of passwordless authentication using FIDO2 security keys and\/or the Microsoft Authenticator application. Going forward you\u2019ll see us add the ability to manage all our traditional authentication factors (Multi-Factor Authentication (MFA), OATH Tokens, phone number sign in, etc.). Our goal is to enable you to use this one tool to manage all your authentication factors.<\/p>\n

Why do we feel so strongly about passwordless?<\/h3>\n

Every day, more and more of our customers move to cloud services and applications. They need to know that the data and services stored in these services are secure. Unfortunately, passwords are no longer an effective security mechanism. We know from industry analysts that 81 percent of successful cyberattacks begin with a compromised username and password. Additionally, traditional MFA, while very effective, can be hard to use and has a very low adoption rate.<\/p>\n

It\u2019s clear we need to provide our customers with authentication options that are secure and<\/strong> easy to use, so they can confidently access information without having to worry about hackers taking over their accounts.<\/p>\n

This is where passwordless authentication comes in. We believe it will help to significantly and permanently reduce the risk of account compromise.<\/p>\n

\"Passwordless<\/span><\/p>\n

Now, all Azure AD users can sign in password-free using a FIDO2 security key, the Microsoft Authenticator app, or Windows Hello. These strong authentication factors are based off the same world class, public key\/private key encryption standards and protocols, which are protected by a biometric factor (fingerprint or facial recognition) or a PIN. Users apply the biometric factor or PIN to unlock the private key stored securely on the device. The key is then used to prove who the user and the device are to the service. <\/p>\n

\"Public<\/span><\/p>\n

Check out this video<\/a> where Joy Chik, corporate vice president of Identity, and I talk more about this new standard for signing in. To learn more about why this should be a priority for you and your organization, read our whitepaper<\/a>.<\/p>\n

Let\u2019s get you started!<\/h3>\n

To help you get started on your own passwordless<\/a> journey, this week we\u2019re rolling out a bonanza of public preview capabilities. These new features include:<\/p>\n