Passwordless Authentication with Azure AD and FIDO2 Security Keys and Yubikey Bio

walk through configuring passwordless authentication in Azure AD, then we on-board a user and walk through the passwordless experience with the new Yubico Yubikey Bio in a web browser and logging into a new install of Windows 11.
Links
Zero to Hero with Azure Virtual Desktop
www.udemy.com/course/zero-to-...
Hybrid Identity with Windows AD and Azure AD
www.udemy.com/course/hybrid-i...
Yubico Yubikey
www.pntrs.com/t/TUJGR0dNRkJHS...
VMware Workstation Pro
store-eu.vmware.com/
Microsoft compatible security key
docs.microsoft.com/en-us/wind...

Пікірлер: 18

  • @manjitbhatia9909
    @manjitbhatia99092 жыл бұрын

    Very good to the point explanation , great video as always

  • @joneslt
    @joneslt2 жыл бұрын

    These are great vids, thanks for posting. Its a shame the MS makes this process overly complicated, it dissuades some organizations from implementing these security measures.

  • @FSX239
    @FSX2392 жыл бұрын

    Thanks for this, very well done. You have a new subscriber.

  • @Ciraltos

    @Ciraltos

    2 жыл бұрын

    I’m glad you found it useful!

  • @hectoralicea1233
    @hectoralicea1233 Жыл бұрын

    Great videos thanks for sharing

  • @peroxisom5026
    @peroxisom50262 жыл бұрын

    Hi Travis, thank you for your well explained videos! I want to learn azure by doing it, creating ressources , whole architectures etc. So I was wondering if there are some kind of excercises which I can do. Is there something like that ?

  • @fbifido2
    @fbifido2 Жыл бұрын

    @13:04 - Why Single-Sign-On did not work with Edge after the type the myprofile site? - How to get SSO at this stage? - You signed into windows 11 using your Azure AD account (using the key), so the Windows 11 should be AAD Joined or Registered.

  • @michaelpietrzak2067
    @michaelpietrzak2067 Жыл бұрын

    Great video. I have MFA and FIDO2 setup for my users. But they are required to enter both PIN and then use a fingerprint. Is that how its supposed to work with these biometric Yubico keys?

  • @fbifido2
    @fbifido2 Жыл бұрын

    @12:56 - at this point can you still use the key by selecting "Sign-in options" ???

  • @dw2291
    @dw2291 Жыл бұрын

    Great vid. How about for Android? iOS?

  • @fbifido2
    @fbifido2 Жыл бұрын

    @6:08 - How does one create a backup key? - what to do if a key is stolen? (Even if i still have my fingers)

  • @matsandersson8888
    @matsandersson88882 жыл бұрын

    I read a lot about passwordless authentication, but are you able to have Azure to disable the option to login in with password and another factor fully? As I understand it, this is only possible with ordinary Microsoft accounts (as from this fall), not with Azure AD accounts. If I use a supported browser I indeed do not get the option to login using password and a second factor, but if using an unsupported browser I still get the possibility to use my password and e.g. the Microsoft Authenticator. If you only want to be able to use a security key and no other option - is it possible with Azure AD user accounts yet?

  • @Ciraltos

    @Ciraltos

    2 жыл бұрын

    Hello Mats, I don't know of any way to relay on only passwordless auth. Two factor MFA is required to onboard passwordless auth and is a failback if passwordless is not an option. Thanks, Travis

  • @MaxlenSantos
    @MaxlenSantos Жыл бұрын

    Can I do this procedure to login Linux?

  • @amitmoorthy
    @amitmoorthy11 ай бұрын

    Can you make this video with Microsoft authenticator

  • @davidtrevor8967
    @davidtrevor89672 ай бұрын

    Is phone call supported still? I never saw it as an option... or is it US only?

  • @Ciraltos

    @Ciraltos

    2 ай бұрын

    I didn't see anything about only US, but it's not supported on trail subscriptions learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-phone-options

  • @sameeryadav3470
    @sameeryadav347011 ай бұрын

    Does this work for macOS?