Microsoft updates: Entra ID FIDO2 security key support and Azure Virtual Desktop passwordless sign-in

With the use of phishing-resistant multi-factor authentication (MFA) like passkeys growing more every day, it’s exciting to see the widely popular service, Microsoft 365,  announce availability recently for passkeys on YubiKeys with mobile devices. This new Microsoft preview not only opens up support on iOS and iPadOS for Microsoft 365, but for a whole range of other Microsoft 1st party apps and also any other applications protected with Entra ID. 

This has been something on every Yubico and Entra ID customer’s wish list since 2019 when Microsoft first announced preview support for FIDO2 security keys. Customers are now beginning to get the support they have been asking for, and can now use the same YubiKeys that they use on their desktops on their iPhone. Entra ID has long supported passkeys on security keys like YubiKeys on Windows and other platforms, but there has been a lack of support on mobile devices. 

Microsoft initially announced support for passkeys in Safari in July 2023. While this was an important added feature, most customers really needed support using native apps. Now that preview support is finally available. With Microsoft’s new announcement, users now have a complete experience from mobile devices where you’re able to sign-in to both web applications and native apps using a YubiKey. 

How does it work?

To start using your YubiKey in Entra ID on mobile devices you need:

  • An iOS native app protected with Entra ID.
  • The native app protected with Entra ID should use this Microsoft guidance, Apps may require the use of Microsoft Authenticator until the apps are updated by the developers to natively support a passkey sign-in experience. 
  • An Entra ID tenant that has enabled support for passkeys (FIDO2 security keys).
  • An Entra ID account where you have registered a YubiKey 5 Series or YubiKey 5 FIPS Series.

In the below video, we try it out and show you how it works as well as passwordless sign-in on Azure Virtual Desktop, which is another exciting service that Microsoft also recently announced

Once your Azure Virtual Desktop host pools are configured to support passwordless SSO, then you can easily use your security keys to sign-in to these remote desktops to access all your applications on the go with a Windows experience. 

In the video, we use the iOS Remote Desktop application to show both of these two new features together where a user can now use their iPhone and a YubiKey to access their Windows 11 virtual desktops without using a password. 

We are excited to see this more complete passkey support for iOS for Entra ID protected applications. While today Entra ID customers can be phishing-resistant on Android devices using YubiKeys as Smart Cards, we are hopeful that they can also be phishing-resistant using more modern passkeys on YubiKeys. 

To learn more about passkey compatibility with Entra ID, visit here. To learn more about Azure Virtual Desktop visit the page here to learn about configuring passwordless SSO authentication to the AVD session host and also how to configure support for passwordless authentication inside the remote session.

Talk to our teamTalk to our team

Share this article:


  • Introducing new features for Yubico Authenticator for iOSWe’re excited to share the new features now available for Yubico Authenticator for iOS in the latest app update on the App Store. Many of these improvements aim to address frequently requested features from our customers, while providing additional new functionalities for a seamless authentication experience on iOS.  With increased interest in going passwordless and […]Read moreiOSYubico Authenticator
  • Platform independent digital identity for all Many are understandably concerned that the great invention called the Internet, initially created by researchers for sharing information, has become a major threat to democracy, security and trust. The majority of these challenges are caused by stolen, misused or fake identities. To mitigate these risks, some claim that we have to choose between security, usability […]Read moreDigital IdentityEUDIFounderStina Ehrensvard
  • Q&A with Yubico’s CEO: Our move to the main Nasdaq market in StockholmAs 2024 draws to a close, it’s the perfect time to reflect on the incredible journey we’ve had this year and how it has shaped where we stand today as a company. To mark this moment, I sat down with our CEO, Mattias Danielsson, to look back on the milestones and achievements of 2024—culminating in […]Read moreCEOMattias Danielsson
  • Exploring DORA: A look at the next major EU mandateFinancial institutions have historically managed operational risk using capital allocation, but under EU Regulation 2022/2554 – also known as the Digital Operational Resilience Act (DORA) – the financial sector and associated entities in the European Economic Area (EEA) must also soon follow new rules. These new rules focus on the protection, detection, containment, and the […]Read moreDORAEU