Go Passwordless with YubiKey and Microsoft Azure Active Directory

person logging into laptop using YubiKey and Microsoft Azure AD

Today, Yubico celebrates an important milestone in the evolution of modern authentication. We are excited to report that YubiKey passwordless authentication is now generally available to Microsoft’s Azure Active Directory (Azure AD) users, a critical step toward achieving better security without compromising usability. Nearly three years ago, Yubico started on this journey with Microsoft and brought the first FIDO2-enabled security key to the market. Today’s announcement highlights our commitment to continue delivering trust at scale.

What does passwordless general availability mean?

With the general availability of passwordless login for Azure AD, admins can now enable a passwordless login flow for their users with a variety of authentication options including: Windows Hello, Microsoft Authenticator App, and FIDO2 security keys, like YubiKeys. Once enabled, enrolling, adding, and removing YubiKeys is a self-service process for employees. 

End-users can experience passwordless authentication with a YubiKey to log in to: 

  • Microsoft 365 web apps on the Chrome (version 66 and above) and Edge (version 1903 and above) desktop browsers
  • Enterprise applications federated with Azure Active Directory 
  • Windows 10 devices (version 1909 and above) joined to Azure Active Directory
  • Windows 10 devices (version 2004 and above) joined to a hybrid Active Directory 

“Now with broad support for FIDO2 standards, our customers can provide an authentication experience for their users that is effortless, cross platform, and highly secure,” said Alex Simons, Corporate Vice President of Program Management, Microsoft Identity Division. “We are happy to be part of a collaboration with Yubico in our joint effort to move beyond passwords and provide more secure environments for today’s workforce.”

Which YubiKeys support passwordless authentication with Azure Active Directory?

Many YubiKeys support Microsoft’s passwordless authentication, including the flagship YubiKey 5 Series, and the Security Key NFC by Yubico.

The YubiKey 5 Series is Yubico’s line of multi-protocol keys designed for enterprises and prosumers. These keys support FIDO2, along with five other authentication protocols, on one device: FIDO U2F, PIV (smart card), OTP (one-time password), OpenPGP, and static password. This enables YubiKey 5 Series keys to serve as a “bridge to passwordless” as they provide strong authentication across existing environments and modern environments like Azure AD. The YubiKey 5 Series comes in a variety of form factors and can connect via USB-A, USB-C, Lightning, and near-field communication (NFC).

The Security Key NFC by Yubico is a FIDO-only authentication device and supports both USB-A and NFC connections. The upcoming YubiKey Bio is also a FIDO-only authentication key that will support passwordless authentication in Microsoft environments using USB-A or USB-C connections. The YubiKey Bio is currently in private preview and you can register here to get updates.

How do you get started with YubiKeys and Microsoft Azure Active Directory? 

To get started with passwordless authentication in your Microsoft environment, visit our e-commerce site to purchase a passwordless starter kit, or contact the Yubico sales team to get a consultation and learn about what solutions are best suited for your needs. 

You can also learn more about other YubiKey and Microsoft passwordless deployments by reading our latest case study with the Government of Nunavut. In 2019, the Government of Nunavut turned to phishing-resistant YubiKeys and Azure AD to rebuild their infrastructure after a ransomware attack. 

For additional resources about Microsoft’s passwordless authentication please visit their blog or register for the upcoming webinar on March 25, “What you can do today with passwordless AD and YubiKeys.”

Talk to our teamTalk to our team

Share this article:


  • Q&A with Yubico’s CEO: Our move to the main Nasdaq market in StockholmAs 2024 draws to a close, it’s the perfect time to reflect on the incredible journey we’ve had this year and how it has shaped where we stand today as a company. To mark this moment, I sat down with our CEO, Mattias Danielsson, to look back on the milestones and achievements of 2024—culminating in […]Read moreCEOMattias Danielsson
  • Exploring DORA: A look at the next major EU mandateFinancial institutions have historically managed operational risk using capital allocation, but under EU Regulation 2022/2554 – also known as the Digital Operational Resilience Act (DORA) – the financial sector and associated entities in the European Economic Area (EEA) must also soon follow new rules. These new rules focus on the protection, detection, containment, and the […]Read moreDORAEU
  • Securing critical infrastructure from modern cyber threats with phishing-resistant authenticationAcross the globe, 2024 has seen a whirlwind of change. With ongoing wars, recent political change-ups and more, growth in data breaches targeting critical infrastructure continue to be on the rise. Critical infrastructure is integral to our everyday life – from the energy and natural resources powering our hospitals and providing clean drinking water, telco […]Read moreCISAcritical infrastructurezero trust
  • surface blog crownMicrosofts Surface Pro 10 möjliggör NFC-baserad lösenordsfri inloggning med YubiKeys, för företagDra fördel av det långvariga samarbetet mellan Microsoft och Yubico genom att distribuera YubiKeys tillsammans med den nya Surface Pro 10 enheten för ditt företag. Read morenfcpasswordless