Comments on: Achieving Passwordless Authentication in Azure AD

By: Tobias

Tobias — Sat, 14 May 2022 10:32:16 +0000

Thanks for your greate blog. Is there any option to remove Passwords from Azure AD cloud only users?

By: Mega

Mega — Tue, 21 Dec 2021 17:34:31 +0000

In reply to Danny Field. Exactly, if I want to avoid the vector of password and authenticator and only rely on the FIDO key, which does not seem to be possible, then why bother with the security key (from a security perspective)? Is it only the Microsoft consumer accounts which supports true passwordless setup?

By: Florian

Florian — Thu, 02 Dec 2021 14:52:01 +0000

In reply to Danny Field.

With conditional access a fido2 key is enough.
I do it this way: https://scloud.work/en/passwordless-security-key-microsoft-365/

By: Nathan Taylor

Nathan Taylor — Thu, 16 Sep 2021 13:57:36 +0000

It would be awesome if we could force users in a tenant to use Passwordless as part of a Conditional Access Policy

By: Suleiman da Costa

Suleiman da Costa — Tue, 03 Aug 2021 17:42:55 +0000

In reply to Danny Field. From my findings, you will need to use a token that supports TOTP.

By: Danny Field

Danny Field — Thu, 22 Jul 2021 15:36:45 +0000

Hi,

is there any way that I can let users have FIDO keys as their only method of MFA? It doesn’t appear so. They always need to set another method such as SMS or call. I am getting a lot of resistance to using mobile numbers or indeed mobile phones at all.