In this Entra ID and Microsoft 365, we will show how to enable FIDO authentication for Microsoft 365 users in Entra ID.
FIDO (Fast Identity Online) is one of the most secure authentication methods. FIDO comes in the form of a USB or USB-C key you plug into your computer and use for authentication.
FIOD is also the main tool that enables organisations to switch and implement passwordless authentication.
In my case, I have a Yubico USB C Security key, which costs me $29.
Enable FIDO2 Authentication in Entra ID
To enable FIDO2 authentication, Open the Entra ID admin center.
Click on Security
Authentication Methods – Policies
Click on FIDO2 Security Key
On the FIDO2 page, Click Yes to Enable and select All users or a specific group.
Add FIDO2 Authentication
Wait 40 minutes after the change and use the following steps to add FIDO2 manually. New users will get the FIDO2 option when they sign in for the first time.
Open your Entra ID Security Info page located at https://myprofile.microsoft.com/
Click on Security Info
Click on the Add sign-in method link.
Click Add
In the Choose Where to save this passkey window, click on the Security Key
In the Security key window, select your key type.
If your Security has a key PIN setup, enter it and Click OK.
After adding the FIDO2 key, log off from Microsoft 365 and log in again. When prompted, follow the steps to authenticate using your FIDO2 key.
To make FIDO2 your default authentication method, Click on the Sign in Windows hello or Security key from the Microsoft 365 login screen.