Microsoft Azure Active Directory (AD) users can use YubiKeys to log into various applications now that Yubico has announced that its passwordless authentication technology is generally available for users of the platform. In plain terms, that means that Azure AD users no longer need to use a password to gain access to corporate materials and personal accounts.
The new utility builds on Yubico’s existing relationship with Microsoft, which dates all the way back to 2018. Yubico started offering passwordless support for the Azure AD and Windows Hello platforms in April of that year, and has since expanded on that trial with a public preview and the release of a dedicated Yubico Login for Windows Application.
The latest news takes the program out of the pilot phase and brings it to the population at large. End-users will be able to use a YubiKey to verify their identity when they log into any Microsoft 365 web app, or an enterprise app built with Azure AD. The feature will also cover Windows 10 devices linked to the Azure Active Directory or Microsoft’s hybrid Active Directory.
Passwordless Microsoft 365 logins are available through the Chrome and Edge desktop browsers, and only at or above versions 66 and 1903, respectively. The Windows 10 Azure AD feature is available on devices with version 1909 and above, while the hybrid AD feature applies to devices with version 2004 and above.
The entire YubiKey 5 Series will support the new Azure AD protocol, as will the Security Key NFC and the upcoming YubiKey Bio. The YubiKey 5 is available in USB-A, USB-C, Lightning, and NFC form factors, and supports the FIDO U2F, PIV, one-time password, OpenPGP, and static password authentication protocols, in addition to FIDO2.
“Now with broad support for FIDO2 standards, our customers can provide an authentication experience for their users that is effortless, cross platform, and highly secure,” said Microsoft Identity Division Program Management VP Alex Simons. “We are happy to be part of a collaboration with Yubico in our joint effort to move beyond passwords and provide more secure environments for today’s workforce.”
Yubico recently revealed that customers can now use YubiKeys to log into Amazon Web Services apps through the AWS Single Sign-on (SSO) system. The improved Azure AD passwordless login flow supports Windows Hello, the Microsoft Authenticator App, and FIDO2 security keys as authentication options.\