YUBICO – Go passwordless with Yubikey and Microsoft!
by Secutec
This week Microsoft announced that you can now go passwordless with the public preview of FIDO2 security keys support in Azure Active Directory (Azure AD)! As from now on you will be able to access all your Azure AD-connected apps and services seamless, secure and passwordless.
They have turned on a new set of admin capabilities in the Azure AD portal that enables you to manage authentication factors for users and groups in your organization. In the first release, you can use them to manage a staged rollout of passwordless authentication using FIDO2 security keys and/or the Microsoft Authenticator application. Going forward you’ll see Yubico adds the ability to manage all the traditional authentication factors (Multi-Factor Authentication (MFA), OATH Tokens, phone number sign in, etc.). The goal is to enable you to use this one tool to manage all your authentication factors.
Microsoft has teamed up with Yubico to make sure they have a FIDO2 form factor available at launch, including keys connecting via USB and NFC protocols. Yubico is offering a complimentary Yubikey starter kit to organizations with Microsoft 365 customers who are interested in beginning their passwordless journey.
For a limited time, the starter kit includes two multi-protocol YubiKeys, the YubiKey 5 NFC and YubiKey 5C. The YubiKey 5 NFC is compatible with USB-A ports and near field communication (NFC). The YubiKey 5C is compatible with USB-C ports.
Why does even Microsoft now feel so strongly about passwordless?
Every day, more and more customers move to cloud services and applications. They need to know that the data and services stored in these services are secure. Unfortunately, passwords are no longer an effective security mechanism. Microsoft tells us that they know from industry analysts that 81 percent of successful cyberattacks begin with a compromised username and password. Additionally, traditional MFA, while very effective, can be hard to use and has a very low adoption rate.
It’s clear we need to provide you with authentication options that are secure and easy to use, so they can confidently access information without having to worry about hackers taking over their accounts.
This is where passwordless authentication comes in. We believe it will help to significantly and permanently reduce the risk of account compromise.
