In the last blog post, we enabled FIDO2 security key logins with Windows 10 on our AADJ Windows machines, but users are still able to login with username/password. What if we want to enforce a FIDO2 Security Key or Windows Hello for Business login?
As companies like Yubico announce the next generation of YubiKeys with biometrics, let’s take a look at what is actually possible today with Azure AD Joined Windows 10 devices. Microsoft pushes us closer and closer to passwordless login options, but without a domain and GPOs available, some of our clients are left wanting. In this series of blog posts, I am going to walk through the setup of a FIDO2 device in Azure AD and Windows 10, and later apply Intune policies to alter login options.
Microsoft recently released Security Defaults to help customers make their Microsoft 365 and Azure environments more secure FOR FREE. Before you say it… you’re right… nothing is free, it’s included at no additional cost. Microsoft is making these features available to everyone because identity-based attacks have skyrocketed over the last couple of years. As Microsoft […]