Works with YubiKey Spotlight: Fortifying Microsoft environments by fostering phishing-resistant users

In today’s digitally interconnected world, Microsoft products serve as the backbone for countless industries and innovations. Through a cohesive ecosystem of enterprise-focused tools like Copilot, Microsoft 365, Azure, and Entra ID, Microsoft enables businesses to streamline operations and enhance productivity. These tools have fostered technological innovation, empowering organizations to stay ahead in a competitive landscape while facilitating collaboration and communication across borders, making it possible for teams to work together efficiently, regardless of location. 

As organizations continue adopting news tools and services to meet various demands in a fast-paced digital world, cybersecurity is paramount – and that is why Yubico ensures that Microsoft users around the world are able to protect their Microsoft ecosystem and personal information from increasingly sophisticated cyber threats like phishing with confidence. Recognizing the importance of MFA, beginning this month Microsoft is mandating that MFA is used  by all Azure users. Yubico applauds the move to require stronger authentication for end users to prevent phishing attacks and works to ensure the YubiKey is scalable and user-friendly across the Microsoft ecosystem.

Yubico’s partnership with Microsoft started nearly a decade ago, with our collective work in the FIDO Alliance — a consortium dedicated to advancing secure authentication standards where we have worked together to define and develop secure authentication that has become the FIDO2 standard. FIDO2 enables users to leverage hardware security keys, like the YubiKey, to easily authenticate to online services in both mobile and desktop environments and has been the catalyst to move the world away from passwords. 

With over 80% of cyber attacks a result of stolen login credentials, both Yubico and Microsoft are committed to  empowering customers with phishing-resistant multi-factor authentication (MFA) tools to empower them to stay secure. This commitment fuels the companies to work closely together to move the world away from passwords to a passwordless future with modern, phishing-resistant authentication

Using the YubiKey across Microsoft environments to achieve phishing-resistance

With the prevalence of phishing attacks in the enterprise and recent advancements in passwordless – and new on-device authentication solutions – the way an organization can establish and manage a user’s identity credential throughout its lifecycle has evolved to address these increasing challenges. In order to truly prevent phishing attacks, organizations must do more than just invest in phishing-resistant authentication – they must instead focus on developing phishing-resistant users.

The only effective approach to removing phishing from an organization’s threat landscape is to ensure that every user and process within the organization becomes phishing-resistant. Secure authentication that moves with users across all devices, platforms, and services no matter how they work is not a luxury, but a necessity in today’s fast-moving digital landscape. Phishing-resistance in registration, authentication, and recovery processes are mandatory for cultivating phishing-resistant users, and it all starts and ends with deploying the highest-assurance modern hardware security keys: YubiKeys. Easy to use, scalable to any organization, and cost effective to deploy, the YubiKey can be used easily and seamlessly across the Microsoft stack for any environment – either online or offline in mobile-restricted environments – all while ensuring that every user is phishing-resistant.

Whether you are logging into Windows, Azure, Microsoft 365, Entra ID, browsing in Edge, working on a Surface Pro 10 for Business, crafting and collaborating on code masterpieces in the GitHub, or using your Microsoft account to log into Xbox, LinkedIn or your Microsoft email, the YubiKey is there to securely eliminate account takeovers while reinforcing your overall security stance with strong phishing-resistant authentication that works in both legacy and modern environments.

The YubiKey also works with 1,000+ apps, devices, services, and platforms you use everyday. Each YubiKey accommodates up to 100 device-bound passkeys so you can stay secure no matter where you are working. We encourage you to explore the Works with YubiKey catalog, discover the range of listings, and experience the security and convenience that YubiKey brings to your digital life. 

Answer the call – list your integrated solutions in the Works with YubiKey catalog! If you are responsible for solutions that integrate with the YubiKey and those solutions are not yet listed in our catalog, we invite you to feature those and join a movement that prioritizes security and user experience. By becoming part of the Works with YubiKey catalog, you contribute to a safer digital world while unlocking new opportunities and markets.

Through our growing ecosystem of integrations with companies like Microsoft in the Works with YubiKey catalog, we continue our work to secure you with robust, user-friendly, and easily adoptable multi-factor and passwordless authentication methods. Our goal is to go beyond just enhancing security by fostering a more secure online environment free from data breaches and cyber attacks that promotes trust and confidence among users in their daily digital interactions.

Talk to our teamTalk to our team

Share this article:


  • FIPS certified vs. FIPS compliant: What’s the real difference?“Is your MFA solution FIPS compliant, or is it certified?”  This is a question we hear a lot, and for good reason. In industries where security and compliance are critical (especially in government contracts), understanding the difference between FIPS certified and FIPS compliant isn’t just semantics – it can mean the difference between meeting requirements […]Read moreFIPSNIST
  • 2025 Global State of Authentication survey: A world of difference in cybersecurity habitsIn a world that’s more connected than ever, the landscape of cybersecurity threats is constantly evolving. Bad actors, now supercharged with artificial intelligence (AI), are becoming increasingly adept at exploiting human error through sophisticated phishing and social engineering attacks. This makes robust cybersecurity a universal issue, impacting everyone from individuals to the largest global enterprises. […]Read moreGlobal State of Authenticationsurvey
  • Making digital security a right: Inside Yubico’s Secure it Forward programTechnology can be a great equalizer — but only if the strongest protection is within reach. Since 2022, Yubico has donated more than 65,000 YubiKeys to hundreds of organizations worldwide — a retail value of over $3.3 million. Each key helps strengthen digital protection for those doing vital work in their communities. This isn’t just […]Read more
  • Yubico LogoYubico liefert PIN-Verbesserungen mit dem neuen YubiKey 5 – Verbesserte PIN-SchlüsselTo prepare for continuously evolving cyber threats, governments around the world are adapting and updating authentication requirements for online services which directly impact thousands of organizations and their employees. While there’s currently no universal regulation for more robust multi-factor authentication (MFA), the need is highlighted across a range of requirements including PSD2, GDPR, and the […]Read moreYubiKey