Azure AD Passwordless
Authentification without password
The mutli-factor authentification or MFA permit to secure the access to the company’s cloud resources. With the functionnality of passwordless in Azure AD, the password is removed, the user can access to the cloud ressources without password. However, they must authenticate themselves from their phone (Microsoft Authenticator app) or Windows 10 computer (FIDO2 security keys).
Prerequities
You need use Azure Multi-Factor Authentication with notification method. The Microsoft Authentificator application must be installed on IOS 8.0 and later version or Android 6 and later version.
Enable authentication methods without a password by phone
From the Azure portal, click on Azure AD.
Click on User Settings.
On the central panel, click on Manage user feature preview setting.
Enable Users can use preview features for registering and managing security info parameter for the desired user. Click on Save for save modification.
Enable Passordless
On Azure AD portal, click on Security.
Click on Authentification methods and on Authentification method policy. Click on Microsoft Authentificator passwordless sign-in.
Click on Enable and select the desired target (All users or Select users). Click on Save for save modification.
The modification is well taken.
Configure Microsoft Authentificator Application
From the Depuis le navigateur browser, access the URL https://aka.ms/mysecurityinfo. Enter username and click on Next.
On the Security info tab, click on Add method.
Select Authentificator app and click on Add.
On the smartphone, download Microsoft Authentificator application on the ios or android smartphone and click on Next.
On the smartphone, open Microsoft Authentificator application and click on Add an account.
Select Professional or school account.
From Azure portal, click on Next to display the QR Code.
An approval is sent at the phone, press Approve.
After approval, click Next to finalize the add operation.
The authentification method is present on the web portal. Click on Change for change the authentification method.
Select Microsoft Authentificator – notification and click on Confirm.
Authentification method is now been configured.
Configure smartphone
From Microsoft Authentificator Application, press on drop-down Arrow.
Select Enable connexion by phone option.
A new wizard appear, click on Continue.
Enter username and password of the user and click on Connect.
Click on button for record the phone.
The phone has been recorded.
Authentification with passwordless
From the mobile device, access to myapps.microsoft.com and enter username and password. Click on Next for proceed at the connexion.
You need approove the connexion, a number is present on Windows. The same number has present on Microsoft Authentificator application. Press the number on Microsoft Authentificator application.
Connexion has been approved.