The short answer is exactly that, short. Yes, Azure does support FIDO2!
Now let’s be VERY clear, there is one glaring exception to this rule (isn’t there always when it comes to Microsoft?): FIDO2 doesn’t work on iOS apps and for FIDO on prem you have to set up a less than ideal connection. So, you’ll also need certificate-based authentication enabled to really accomplish what you’re trying to. That said, it’s relatively simple to enable for most everyday Azure practitioners, and you can read all about how to go passwordless in azure with CBA and FIDO over on our blog…
… Do you know what else supports FIDO2? Entra ID! …you know, because of the Azure AD rebrand? Whatever you’re choosing to call it these days, Microsoft’s identity and access management (IAM) cloud solution fully supports FIDO2 security keys. This is a testament to Microsoft’s steadfast commitment to fortify passwordless authentication options for its users. When integrated with Azure AD, FIDO2 security keys serve as an excellent defense against phishing, man-in-the-middle, and socially engineered attacks that exploit weak or reused passwords.
There are many reasons to use hardware keys:
Azure’s, or Entra ID’s…whatever it is, support for FIDO2 is a significant step toward a more secure and passwordless future. As cyber threats become increasingly sophisticated, relying solely on passwords is becoming untenable. Solutions like FIDO2 hardware keys offer robust, user-friendly, and secure alternatives to the conventional password-based authentication of old. With Azure AD, supporting these solutions, organizations have a powerful tool in their security arsenal.
Well, I’d certainly encourage you to do some more research into FIDO2 hardware keys, more specifically, how to deploy them across various environments. If you’re looking into a hybrid deployment, check out this blog on how to go passwordless on-prem with FIDO2. Alternatively, if you’re interested in learning more about the quirks of deploying FIDO2 keys in a cloud-only instance, allow me to point you here. …and I’d be remiss to not remind you that we quite literally dedicate our lives to making this easy for you. Check out EZCMS, the one stop shop for going passwordless using FIDO2!