Microsoft is forcing an enterprise transition to passkeys – Computerworld

Still, passkeys should not a silver bullet, as they don’t stop endpoint compromise, session token theft, malicious insiders, or attackers who have already got control of a trusted device. Enterprises must complement passkeys with endpoint protection, continuous monitoring, conditional access policies, and identity threat detection, Seker advised.

How enterprises can prepare

To arrange for the shift to passkeys, Microsoft advised enterprises to review their authentication policy and discover the groups still using SMS or voice authentication. They need to then select the very best authentication method for user devices and workflows, and ensure all employees are given passkeys and security keys.

Entra ID supports each synced passkeys (those stored in platform credential managers like iCloud Keychain and Google Password Manager), and device-bound passkeys resembling Microsoft Authenticator passkeys, Entra passkey on Windows, or FIDO2 security keys.

Related Post

Leave a Reply