• Yubico | Microsoft
    Adopt phishing-resistant authentication

    Your defense against account takeovers. Strong two-factor, multi-factor and passwordless authentication to protect your Microsoft ecosystem.
    Become a partner
    Home » Solutions » YubiKey + Microsoft

    Stop phishing with a scalable user friendly
    authentication solution

    Identity is a fundamental building block of a Zero Trust strategy. With the YubiKey, adopt strong phishing-resistant multi-factor passwordless authentication and experience a smooth user experience when accessing Microsoft apps and services. Enterprises, government agencies, and consumers can prevent account takeovers and go passwordless with Microsoft Entra ID and the YubiKey.

    outline of buildings
    Enterprise solutions

    YubiKeys provide a bridge from legacy to modern authentication options.

    priv user
    Compliance & privileged users

    YubiKeys address strong authentication and compliance requirements.

    outline of shield and users
    Consumer solutions

    Microsoft users strengthen authentication with YubiKeys—from simple to complex scenarios.

    white house icon
    Executive Order compliance

    Government agencies can deploy federally validated, hardware-backed MFA across multiple applications and operating systems.

    Phishing-resistant MFA solutions for the win

    Accelerate your zero trust journey with Microsoft and Yubico. Use our phishing-resistant passwordless MFA solution to secure your on-premise and cloud resources.

    Secure access to your apps and infrastructure

    Whether your identity directory is on premises or in the cloud, accessing personal or business accounts with Microsoft, YubiKeys provide strong authentication for securing your identity access management infrastructure. YubiKeys provide a bridge from legacy to modern authentication options. The same YubiKey used for on-premises smart card deployments can be used with the cloud native Entra ID support for smart cards. Additionally, the YubiKey can be registered as a FIDO2 credential to access Entra ID protected workstations and applications.

    Simple and secure sign on with certificate-based authentication

    Entra ID and YubiKeys secure enterprises, small businesses, federal agencies and consumers with phishing-resistant MFA with simple and secure sign in on laptops and mobile phones. YubiKey is currently the only external device that supports CBA on Android and iOS. Plus, the YubiKey is the only FIPS certified phishing-resistant solution available for Entra ID on mobile.

    Safeguard your Microsoft ecosystem
    with a Zero Trust strategy

    Learn why there is a critical need for phishing-resistant MFA to support Zero Trust for Microsoft environments. As organizations mature their digital capabilities leveraging Microsoft’s cloud solutions, it becomes increasingly important to adopt security frameworks such as Zero Trust to better protect people, devices, applications and data in the workplace and along the supply chain.

    Download the white paper

    Securing modern enterprises with passwordless authentication

    Increase efficiency in your organization and authenticate in seconds. The Surface Pro 10 is equipped with a built-in NFC reader to sign in passwordlessly with a FIDO2 passkey using the YubiKey 5 NFC and YubiKey 5C NFC.

    Yubico and Microsoft provide secure user-friendly authentication and set new standards for security

    surface blog crown
    Microsoft’s Surface Pro 10 for Business enables passwordless authentication with YubiKeys

    Microsoft’s Surface Pro 10 for Business enables passwordless authentication with YubiKeys.

    Read the blog
    yubikey and msft

    Microsoft updates: Entra ID FIDO2 security key support and Azure Virtual Desktop passwordless sign-in

    With the use of phishing-resistant MFA like passkeys growing, it’s exciting to see, Microsoft 365, announce availability for passkeys on YubiKeys with mobile devices. This not only opens up support on iOS and iPadOS for Microsoft 365, but for a whole range of Microsoft 1st party apps and other applications protected with Entra ID.

    Read the blog
    azure webinar

    CBA with YubiKeys on iOS and Android  

    Yubico worked closely with Microsoft to ensure CBA on mobile became a reality. Microsoft’s support provides users with the same convenient smart card authentication method on mobile devices that they have on their desktops.

    Read the blog
    entra id and yubikey

    Australian government leading on cybersecurity efforts toward phishing-resistance for all citizens and businesses

    The Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) classify phishing-resistant FIDO2 security keys as the most secure form of MFA, reaching MFA Maturity Level Three according to their Essential Eight Maturity Model.

    Read the blog

    Phishing-resistant solutions with
    Entra ID and YubiKeys

    Organizations that deploy Entra ID can fight phishing attacks in Azure, Microsoft 365, and remote desktop environments with these solutions. They are essential to mitigate phishing attacks and play a key role in supporting organizations looking to comply with the Executive Order.

    Certificate based authentication
    Certificate-based authentication (CBA)

    CBA enables organizations with existing smart card & public-key-infrastructure (PKI) deployments to authenticate to Entra ID without a federated server. Organizations can use the same YubiKey as a smart card with Entra ID enabling them to migrate away from on-premises authentication solutions like ADFS as part of their Zero Trust and cloud strategies.

    key in browser window
    Conditional Access authentication strengths: enforced FIDO or CBA policies

    Organizations can fight phishing attacks by implementing specific user authentication policies which enables them to restrict authentication to their requirements. YubiKeys can be leveraged for phishing-resistant MFA for FIDO-based passwordless (FIDO2/WebAuthn) or CBA. By configuring Entra ID to require YubiKeys, organizations are eliminating an entire attack vector for their most privileged users and safeguarding their most critical assets.

    Azure virtual desktop
    Entra ID Virtual Desktop (EVD) supports FIDO and certificates

    EVD enables users to connect to a personal workstation in the cloud. Users with a virtual desktop have the same security and work experience no matter where they are. FIDO-based passwordless authentication enables users to authenticate with their YubiKey and Entra ID passwordless credentials when the user signs into EVD or when they sign into an application inside their virtual desktop. The FIDO-based passwordless authentication solution augments the support for YubiKeys and certificate authentication currently supported in EVD.

    Azure AD CBA mobile
    Entra ID CBA for Android and iOS mobile devices

    CBA on mobile provides users with the same convenient smart card authentication method on mobile as on desktops. YubiKey is currently the only external device that supports CBA on Android and iOS. Plus, it is the only FIPS certified phishing-resistant solution available for Entra ID on mobile. CBA is a staple of governments and high security environments for decades. With Executive Order 14028, the adoption of CBA and other phishing-resistant MFA are mandated.

    azure webinar
    Prevent phishing with Entra ID CBA and YubiKeys on mobile devices

    Watch now
    Prevent phishing with Entra ID and YubiKeys

    Read the blog
    libby q thumbnail
    Microsoft and Yubico: Authentication pioneering partners

    Read the blog

    Microsoft and YubiKey work seamlessly together

    Video “How to” Instructional Series

    Microsoft Surface snackable video

    Watch now
    iOS mail app icon
    YubiKey CBA – iOS for Apple Mail

    Watch now
    YubiKey in laptop
    YubiKey Entra ID CBA – Windows 11 Desktop login

    Watch now
    person logging into laptop using YubiKey and Microsoft Azure AD
    Entra ID Certificate-based authentication on iOS devices

    Watch now
    Entra ID Certificate-based authentication on Android Devices

    Watch now
    YubiKey in Surface Pro
    New tools toYubiKey Entra ID FIDO2 – Windows 11 Desktop login prevent phishing with Azure AD and YubiKeys

    Watch now
    “The concept of passwordless seems so counterintuitive. After all, we are so used to passwords! But Yubico makes it effortless for the user, and Microsoft makes it easy to adopt. Really, it is a no-brainer—a single solution to reduce the risk of phishing by 100%.”
    Tomasz OnyszkoCTO at Predica Group

    Securing organizations around the world

    Hyatt Hotels is going passwordless

    “Our goal at Hyatt is to have every application in our stack fall under Azure single sign on. So once you’re using the YubiKey for app one, you’ll be using it for app two and three and four…”

    The Government of Nunavut turns to phishing-resistant YubiKeys

    “The initial rollout has been quite seamless and we have been able to quickly onboard our users. With a strong infrastructure in place and easy access to documentation and support, we are confident that we have taken back security and control.”

    Microsoft and Yubico provide secure
    authentication solutions

    Get started

    YubiKey FIPS family shot
    Find the right YubiKey

    Contact our sales team for a personalized assessment of your organization’s needs.

    YubiKey in front of momument
    Get protected today

    Browse our online store today and buy the right YubiKey for you.