Passwordless authentication available in Azure AD

Microsoft announced that passwordless authentication is now generally available in Azure AD! This is a major milestone in Microsoft’s strategy to encourage all of its users and organizations to go passwordless. Organizations can now roll out passwordless authentication across their hybrid environments at scale. Users get a familiar, simple-to-use authentication experience that offers industry-best security and works across an increasingly broad set of devices and services.

Authentication methods management

Authentication methods policies form the foundation of Microsoft’s passwordless story. These policies give IT admins more granular control over which authentication methods are used within their organizations. In the portal, you can now also see and delete passwordless methods on the User blade, for example revoking a FIDO2 security key registration if the user has lost the key.


Figure 1: Authentication methods management in Azure Portal


Figure 2: Merged Microsoft Authenticator policy management configuration


Figure 3: A user’s registered credentials in Azure Portal

Improved user experiences

From the beginning, making the passwordless authentication flow delightful has been Microsoft’s top priority. Microsoft promotes the credentials that users use frequently so they have the best user experience across devices. The promoted credential is the authentication method the user is prompted for, be it password, Authenticator app or FIDO key, until the user chooses “Other ways to sign-in” to switch. People can choose when to begin using their new passwordless options and avoid having them foisted on them unexpectedly.


Figure 4: A user’s login page to select security key in Microsoft 365

Source: Microsoft Azure Active Directory Identity Blog
