Microsoft 365 Passkey Setup

Microsoft 365 Passkey Setup

Microsoft 365 supports hardware security keys with passkeys. Passkeys are sometimes called FIDO2. Passkeys are one of many ways you can secure your accounts.

In this post, I will show you step-by-step how to set up a passkey in Microsoft 365, including configuring a passkey with a break glass emergency access account.

Prerequisites

The Process

In this example, I will use a USB device.

The PIN is required to access the passkey saved on the security key. Some security keys use biometrics instead of a PIN.

Now that everything is all set, we should test it to double-check everything.

Testing

Depending on your setup, when you log in to Microsoft 365, you may need to select Use your face, fingerprint, PIN or security key instead.

You should also be able to click on Sign-in options and select Face, fingerprint, PIN or security key from the login page.

You should now be logged in.

Emergency Access Accounts

Emergency access accounts also require MFA. A passkey is considered MFA. However, you need to log in with MFA before you can set up a passkey.

One of the ways to satisfy MFA in setting up a passkey is to use a TAP (Temporary Access Pass).

Summary

That’s all it takes to configure and set up a passkey in Microsoft 365 using a physical hardware security key.

If you want to read more about setting up passkeys, here is the Microsoft documentation.

If you want to learn more about Temporary Access Pass, here is the Microsoft documentation.

Exit mobile version