Yubico | Microsoft
Delivering Phishing-Resistant Security Solutions
Adopting secure authentication and creating phishing-resistant users across your Microsoft ecosystem are crucial steps towards cyber resilience.
Stop phishing with a scalable user friendly
authentication solution
Identity is a fundamental building block of a Zero Trust strategy. With the YubiKey, adopt strong phishing-resistant multi-factor passwordless authentication and experience a smooth user experience when accessing Microsoft apps and services. Enterprises, government agencies, and consumers can prevent account takeovers and go passwordless with Microsoft Entra ID and the YubiKey.
Enterprise solutions
YubiKeys provide a bridge from legacy to modern authentication options.
Compliance & privileged users
YubiKeys address strong authentication and compliance requirements.
Consumer solutions
Microsoft users strengthen authentication with YubiKeys—from simple to complex scenarios.
Executive Order compliance
Government agencies can deploy federally validated, hardware-backed MFA across multiple applications and operating systems.
Securing the Digital Future Together: Microsoft and Yubico
For the last decade, Microsoft has partnered with Yubico to enhance security and user experience, ensuring seamless and secure access to services like Microsoft 365, OneDrive, and Azure. Hear from Microsoft what value this partnership brings to our mutual customers.
Yubico Enrollment Suite
Think beyond phishing-resistant MFA, and fast-track the creation of phishing-resistant users. With the Yubico Enrollment Suite, organizations can select their path to stronger security, and easily enroll YubiKeys on behalf of users.
Phishing-resistant MFA solutions for the win
Accelerate your Zero Trust journey with Microsoft and Yubico. Use our phishing- resistant passwordless MFA solution to secure your on-premise and cloud resources.
Securing modern enterprises with passwordless authentication
Increase efficiency in your organization and authenticate in seconds. The Surface Pro 10 is equipped with a built-in NFC reader to login passwordlessly with a FIDO2 passkey using the YubiKey 5 NFC or YubiKey 5C NFC.
Simple and secure sign on with certificate-based authentication
Microsoft Entra ID and YubiKeys secure enterprises, small businesses, federal agencies and consumers with phishing-resistant MFA with simple and secure sign in on laptops and mobile phones. YubiKey is currently the only external device that supports CBA on Android and iOS. Plus, the YubiKey is the only FIPS certified phishing-resistant solution available for Entra ID on mobile.
Safeguard your Microsoft ecosystem with a Zero Trust strategy
Learn why there is a critical need for phishing-resistant MFA to support Zero Trust for Microsoft environments. As organizations mature their digital capabilities leveraging Microsoft’s cloud solutions, it becomes increasingly important to adopt security frameworks such as Zero Trust to better protect people, devices, applications and data in the workplace and along the supply chain.
YubiKey as a Service: peace of mind and flexibility for less than a cup of coffee per user/month
Simplify purchase and support while also providing financial benefits. Estimate your potential savings with a subscription as compared to a one-time purchasing model.
Let us help you create a custom plan for your business!
Create cyber resilience with Yubico and Microsoft
Yubico is proud to play a key role in helping Microsoft customers realize the goals behind their recently announced Secure Future Initiative. Both FIDO Alliance members, Yubico and Microsoft, are helping to deliver strong phishing-resistant authentication solutions based on FIDO2 and CBA standards. These solutions, coupled with Microsoft’s Conditional Access policies, help organizations create stronger cyber resilience, and can support organizations that want to further advance their strategy with a Zero Trust model.
Yubico and Microsoft provide secure user-friendly authentication and set new standards for security
Microsoft’s Surface Pro 10 for Business enables passwordless authentication with YubiKeys
Microsoft’s Surface Pro 10 for Business enables passwordless authentication with YubiKeys.
Microsoft updates: Entra ID FIDO2 security key support and Azure Virtual Desktop passwordless sign-in
With the use of phishing-resistant MFA like passkeys growing, it’s exciting to see, Microsoft 365, announce availability for passkeys on YubiKeys with mobile devices. This not only opens up support on iOS and iPadOS for Microsoft 365, but for a whole range of Microsoft 1st party apps and other applications protected with Entra ID.
CBA with YubiKeys on iOS and Android
Yubico worked closely with Microsoft to ensure CBA on mobile became a reality. Microsoft’s support provides users with the same convenient smart card authentication method on mobile devices that they have on their desktops.
Australian government leading on cybersecurity efforts toward phishing-resistance for all citizens and businesses
The Australian Signals Directorate (ASD) and the Australian Cyber Security Centre (ACSC) classify phishing-resistant FIDO2 security keys as the most secure form of MFA, reaching MFA Maturity Level Three according to their Essential Eight Maturity Model.
Phishing-resistant solutions with
Entra ID and YubiKeys
Organizations that deploy Entra ID can meet Microsoft’s new MFA mandate requiring MFA for authentication into Azure and Entra ID environments while defending against phishing attacks in Azure, Microsoft 365, and remote desktop environments with these solutions. Along with reading further on this page, download our solution brief on how Yubico can help your organization meet Microsoft’s MFA mandate.
Certificate-based authentication (CBA)
CBA allows organizations to use YubiKeys as smart cards with Entra ID, eliminating the need for on-premises authentication solutions like ADFS, while supporting Zero Trust and cloud strategies.
Conditional Access authentication strengths: enforced FIDO or CBA policies
Combat phishing and eliminate an attack vector while protecting privileged users and critical assets by configuring Entra ID to require YubiKeys for phishing-resistant MFA (FIDO2/WebAuthn) or CBA.
Entra ID Virtual Desktop (EVD) supports FIDO and certificates
When paired with FIDO-based passwordless authentication that allows users to sign in their Entra ID credentials and YubiKeys, EVD allows users to connect to a cloud workstation with consistent security.
Entra ID CBA for Android and iOS mobile devices
CBA on mobile offers the same smart card authentication as desktops. YubiKey is the only device supporting CBA on Android and iOS, and the only FIPS certified phishing-resistant solution for Entra ID on mobile. With Executive Order 14028, the adoption of CBA and other phishing-resistant MFA are mandated.
Simplifying break glass account security with YubiKeys
Microsoft strengthens phishing-resistant security for Entra ID with FIDO2 provisioning APIs
Works with YubiKey Spotlight: Fortifying Microsoft environments by fostering phishing-resistant users
Microsoft and YubiKey work seamlessly together
Video “How to” Instructional Series
Securely log in to Surface Pro 10 with YubiKey
YubiKey CBA – iOS for Apple Mail
YubiKey Entra ID CBA – Windows 11 Desktop login
Entra ID Certificate-based authentication on iOS devices
Entra ID Certificate-based authentication on Android Devices
New tools toYubiKey Entra ID FIDO2 – Windows 11 Desktop login prevent phishing with Azure AD and YubiKeys
“Our team uses mobile phones, tablets, and other devices. Through Yubico, I need to partner indirectly with Microsoft to understand what they have, what they offer, and how it works with the YubiKey. The YubiKey works to replace one-time passwords, it works as multi-factor authentication, it factors all that into one easy to-use device. I was able to implement it with my forward thinking methods. I feel like it’s put me in the top 1% of public sector for implementing this using certificate-based authentication that Microsoft provides. I am freed up to focus on servicing the people in my city.”
Securing organizations around the world
Phishing-resistant MFA solutions for the win
“Our mission is our citizens. It’s our responsibility to build a fortress wall between threat actors and citizen data with enhanced methods of multi-factor authentication.”
Hyatt Hotels is going passwordless
“Our goal at Hyatt is to have every application in our stack fall under Azure single sign on. So once you’re using the YubiKey for app one, you’ll be using it for app two and three and four…”
The Government of Nunavut turns to phishing-resistant YubiKeys
“The initial rollout has been quite seamless and we have been able to quickly onboard our users. With a strong infrastructure in place and easy access to documentation and support, we are confident that we have taken back security and control.”
Microsoft and Yubico provide secure
authentication solutions
Featured content
How to get started with phishing-resistant MFA for your Microsoft environment
Protect your ecosystem with Yubico’s scalable phishing-resistant authentication
Strengthen cyber resilience in your Microsoft ecosystem with phishing-resistant MFA
Accelerate your Zero Trust journey with the top five use cases for Microsoft
Meet the Microsoft MFA Mandate with YubiKeys
Get started
Find the right YubiKey
Contact our sales team for a personalized assessment of your organization’s needs.
