MC695490 · Microsoft Entra, SharePoint Development
From Microsoft Corporation
Technical Bulletin MC695490 · Published Dec 4, 2023
Message Summary
During FIDO2 security key registration, Microsoft Entra ID users may see an operating system or browser-generated prompt for creating a passkey on another device, such as a phone or tablet. In some cases, a QR code is shown to facilitate this option. When this happens, the user needs to select “Use a different device” to continue with their registration process.
This is due to an evolution of the ecosystem resulting in operating system and browser UI changes. For users on Windows 11 23H2, an updated system UI has been enabled to improve user discovery and selection of security keys and other passkey types. We are also aware that a similar prompt may be presented during sign-in time. Currently, we are investigating a mitigation to optimize the sign-in flow.
What you need to do to prepare:
If your organization uses FIDO2 security keys, we recommend that you reach out to affected users for awareness and update any internal documentation to guide users through this prompt. Please note that the prompt varies across operating systems and browsers.