Works with YubiKey Spotlight: Fortifying Microsoft environments by fostering phishing-resistant users

In today’s digitally interconnected world, Microsoft products serve as the backbone for countless industries and innovations. Through a cohesive ecosystem of enterprise-focused tools like Copilot, Microsoft 365, Azure, and Entra ID, Microsoft enables businesses to streamline operations and enhance productivity. These tools have fostered technological innovation, empowering organizations to stay ahead in a competitive landscape while facilitating collaboration and communication across borders, making it possible for teams to work together efficiently, regardless of location. 

As organizations continue adopting news tools and services to meet various demands in a fast-paced digital world, cybersecurity is paramount – and that is why Yubico ensures that Microsoft users around the world are able to protect their Microsoft ecosystem and personal information from increasingly sophisticated cyber threats like phishing with confidence. Recognizing the importance of MFA, beginning this month Microsoft is mandating that MFA is used  by all Azure users. Yubico applauds the move to require stronger authentication for end users to prevent phishing attacks and works to ensure the YubiKey is scalable and user-friendly across the Microsoft ecosystem.

Yubico’s partnership with Microsoft started nearly a decade ago, with our collective work in the FIDO Alliance — a consortium dedicated to advancing secure authentication standards where we have worked together to define and develop secure authentication that has become the FIDO2 standard. FIDO2 enables users to leverage hardware security keys, like the YubiKey, to easily authenticate to online services in both mobile and desktop environments and has been the catalyst to move the world away from passwords. 

With over 80% of cyber attacks a result of stolen login credentials, both Yubico and Microsoft are committed to  empowering customers with phishing-resistant multi-factor authentication (MFA) tools to empower them to stay secure. This commitment fuels the companies to work closely together to move the world away from passwords to a passwordless future with modern, phishing-resistant authentication

Using the YubiKey across Microsoft environments to achieve phishing-resistance

With the prevalence of phishing attacks in the enterprise and recent advancements in passwordless – and new on-device authentication solutions – the way an organization can establish and manage a user’s identity credential throughout its lifecycle has evolved to address these increasing challenges. In order to truly prevent phishing attacks, organizations must do more than just invest in phishing-resistant authentication – they must instead focus on developing phishing-resistant users.

The only effective approach to removing phishing from an organization’s threat landscape is to ensure that every user and process within the organization becomes phishing-resistant. Secure authentication that moves with users across all devices, platforms, and services no matter how they work is not a luxury, but a necessity in today’s fast-moving digital landscape. Phishing-resistance in registration, authentication, and recovery processes are mandatory for cultivating phishing-resistant users, and it all starts and ends with deploying the highest-assurance modern hardware security keys: YubiKeys. Easy to use, scalable to any organization, and cost effective to deploy, the YubiKey can be used easily and seamlessly across the Microsoft stack for any environment – either online or offline in mobile-restricted environments – all while ensuring that every user is phishing-resistant.

Whether you are logging into Windows, Azure, Microsoft 365, Entra ID, browsing in Edge, working on a Surface Pro 10 for Business, crafting and collaborating on code masterpieces in the GitHub, or using your Microsoft account to log into Xbox, LinkedIn or your Microsoft email, the YubiKey is there to securely eliminate account takeovers while reinforcing your overall security stance with strong phishing-resistant authentication that works in both legacy and modern environments.

The YubiKey also works with 1,000+ apps, devices, services, and platforms you use everyday. Each YubiKey accommodates up to 100 device-bound passkeys so you can stay secure no matter where you are working. We encourage you to explore the Works with YubiKey catalog, discover the range of listings, and experience the security and convenience that YubiKey brings to your digital life. 

Answer the call – list your integrated solutions in the Works with YubiKey catalog! If you are responsible for solutions that integrate with the YubiKey and those solutions are not yet listed in our catalog, we invite you to feature those and join a movement that prioritizes security and user experience. By becoming part of the Works with YubiKey catalog, you contribute to a safer digital world while unlocking new opportunities and markets.

Through our growing ecosystem of integrations with companies like Microsoft in the Works with YubiKey catalog, we continue our work to secure you with robust, user-friendly, and easily adoptable multi-factor and passwordless authentication methods. Our goal is to go beyond just enhancing security by fostering a more secure online environment free from data breaches and cyber attacks that promotes trust and confidence among users in their daily digital interactions.

Talk to our teamTalk to our team

Share this article:


  • Q&A with Yubico’s CEO: Our move to the main Nasdaq market in StockholmAs 2024 draws to a close, it’s the perfect time to reflect on the incredible journey we’ve had this year and how it has shaped where we stand today as a company. To mark this moment, I sat down with our CEO, Mattias Danielsson, to look back on the milestones and achievements of 2024—culminating in […]Read moreCEOMattias Danielsson
  • Exploring DORA: A look at the next major EU mandateFinancial institutions have historically managed operational risk using capital allocation, but under EU Regulation 2022/2554 – also known as the Digital Operational Resilience Act (DORA) – the financial sector and associated entities in the European Economic Area (EEA) must also soon follow new rules. These new rules focus on the protection, detection, containment, and the […]Read moreDORAEU
  • Securing critical infrastructure from modern cyber threats with phishing-resistant authenticationAcross the globe, 2024 has seen a whirlwind of change. With ongoing wars, recent political change-ups and more, growth in data breaches targeting critical infrastructure continue to be on the rise. Critical infrastructure is integral to our everyday life – from the energy and natural resources powering our hospitals and providing clean drinking water, telco […]Read moreCISAcritical infrastructurezero trust
  • surface blog crownMicrosofts Surface Pro 10 möjliggör NFC-baserad lösenordsfri inloggning med YubiKeys, för företagDra fördel av det långvariga samarbetet mellan Microsoft och Yubico genom att distribuera YubiKeys tillsammans med den nya Surface Pro 10 enheten för ditt företag. Read morenfcpasswordless