Azure AD Passwordless

Azure AD Passwordless

Authentification without password

The mutli-factor authentification or MFA permit to secure the access to the company’s cloud resources. With the functionnality of passwordless in Azure AD, the password is removed, the user can access to the cloud ressources without password. However, they must authenticate themselves from their phone (Microsoft Authenticator app) or Windows 10 computer (FIDO2 security keys).

Prerequities

You need use Azure Multi-Factor Authentication with notification method. The Microsoft Authentificator application must be installed on IOS 8.0 and later version or Android 6 and later version.

Enable authentication methods without a password by phone

From the Azure portal, click on Azure AD.

Access to Azure AD portal

Click on User Settings.

Access to User Settings

On the central panel, click on Manage user feature preview setting.

Access to manage user feature

Enable Users can use preview features for registering and managing security info parameter for the desired user. Click on Save for save modification.

Enable parameter

Enable Passordless

On Azure AD portal, click on Security.

Go to Security

Click on Authentification methods and on Authentification method policy. Click on Microsoft Authentificator passwordless sign-in.

Open authentification rule

Click on Enable and select the desired target (All users or Select users). Click on Save for save modification.

Configure policy

The modification is well taken.

Modification is OK

Configure Microsoft Authentificator Application

From the Depuis le navigateur browser, access the URL https://aka.ms/mysecurityinfo. Enter username and click on Next.

Connect to the URL aka.ms/mysecurityinfo

On the Security info tab, click on Add method.

Add method

Select Authentificator app and click on Add.

Choose method authentification

On the smartphone, download Microsoft Authentificator application on the ios or android smartphone and click on Next.

download app authentificator

On the smartphone, open Microsoft Authentificator application and click on Add an account.

Add an account

Select Professional or school account.

Select professional or school account

From Azure portal, click on Next to display the QR Code.

Scan the QR Code

An approval is sent at the phone, press Approve.

Approval has send
approve account

After approval, click Next to finalize the add operation.

Approval is OK

The authentification method is present on the web portal. Click on Change for change the authentification method.

Authentification method

Select Microsoft Authentificator – notification and click on Confirm.

Choose the desired method

Authentification method is now been configured.

Authentification method configured

Configure smartphone

From Microsoft Authentificator Application, press on drop-down Arrow.

Acces to option

Select Enable connexion by phone option.

Enable connexion by phone

A new wizard appear, click on Continue.

New wizard appear

Enter username and password of the user and click on Connect.

Connect with the desired user

Click on button for record the phone.

Record the phone

The phone has been recorded.

Phone has been recorded

Authentification with passwordless

From the mobile device, access to myapps.microsoft.com and enter username and password. Click on Next for proceed at the connexion.

Access to myapps.microsoft.com

You need approove the connexion, a number is present on Windows. The same number has present on Microsoft Authentificator application. Press the number on Microsoft Authentificator application.

Number has present on the console
Number has present on application

Connexion has been approved.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.