Enable FIDO2 Authentication With Entra ID and Microsoft 365

In this Entra ID and Microsoft 365, we will show how to enable FIDO authentication for Microsoft 365 users in Entra ID.

FIDO (Fast Identity Online) is one of the most secure authentication methods. FIDO comes in the form of a USB or USB-C key you plug into your computer and use for authentication.

FIOD is also the main tool that enables organisations to switch and implement passwordless authentication.

In my case, I have a Yubico USB C Security key, which costs me $29.

Enable FIDO2 Authentication in Entra ID

To enable FIDO2 authentication, Open the Entra ID admin center.

Click on Security

Authentication Methods – Policies

Click on FIDO2 Security Key

On the FIDO2 page, Click Yes to Enable and select All users or a specific group.

Add FIDO2 Authentication

Wait 40 minutes after the change and use the following steps to add FIDO2 manually. New users will get the FIDO2 option when they sign in for the first time.

Open your Entra ID Security Info page located at https://myprofile.microsoft.com/

Click on Security Info

Click on the Add sign-in method link.

Click Add

In the Choose Where to save this passkey window, click on the Security Key

In the Security key window, select your key type.

If your Security has a key PIN setup, enter it and Click OK.

After adding the FIDO2 key, log off from Microsoft 365 and log in again. When prompted, follow the steps to authenticate using your FIDO2 key.

To make FIDO2 your default authentication method, Click on the Sign in Windows hello or Security key from the Microsoft 365 login screen.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.