Changes to FIDO2 security key registration and sign-in experiences

  • Home |
  • Changes to FIDO2 security key registration and sign-in experiences
Microsoft Azure Curtain Reveal Tech Bulletin Header

MC695490 · Microsoft Entra, SharePoint Development

From Microsoft Corporation
Technical Bulletin MC695490 · Published Dec 4, 2023

Message Summary

During FIDO2 security key registration, Microsoft Entra ID users may see an operating system or browser-generated prompt for creating a passkey on another device, such as a phone or tablet. In some cases, a QR code is shown to facilitate this option. When this happens, the user needs to select “Use a different device” to continue with their registration process.

This is due to an evolution of the ecosystem resulting in operating system and browser UI changes. For users on Windows 11 23H2, an updated system UI has been enabled to improve user discovery and selection of security keys and other passkey types. We are also aware that a similar prompt may be presented during sign-in time. Currently, we are investigating a mitigation to optimize the sign-in flow.

What you need to do to prepare:

If your organization uses FIDO2 security keys, we recommend that you reach out to affected users for awareness and update any internal documentation to guide users through this prompt. Please note that the prompt varies across operating systems and browsers. 

Recent Comments

No comments to show.

Recent Posts

Microsoft 365 Curtain Reveal Tech Bulletin Header
New Outlook for Windows: Auto-reading emails with Microsoft Windows Narrator
October 14, 2024
Microsoft 365 Curtain Reveal Tech Bulletin Header
(Updated) Microsoft Purview: Minor encrypted message portal design updates, URL to remain the same
October 14, 2024
Microsoft Exchange Curtain Reveal Tech Bulletin Header
(Updated) Microsoft Defender for Office 365: Tenant Allow/Block List will support IPv6 allow and block entries
October 14, 2024