FIDO2 Microsoft Tutorial

Step 1

Your network administrator will have to activate the "FIDO2 security keys" in the "Authentication method policy" in the administration centre of your Azure Active Directory https://aad.portal.azure.com

Step 2

The administrator will then have to choose the users who can use this method and will also have to deactivate the "key restriction" which blocks certain hardware manufacturers.

Step 3

You can then activate the Winkeo FIDO2 security key and / or the Badgeo FIDO2 card in your own portal.

You must go to https://mysignins.microsoft.com and on the "Security information" tab, click on "Add a method" then choose "Security key" from the drop-down menu.

Step 4

The administrator must then make the following modification in the local "registry" of your workstation:

[HKEY_LOCAL_MACHINE \ SOFTWARE \ Microsoft \ Policies \ PassportForWork \ SecurityKey]

"UseSecurityKeyForSignin" = dword: 00000001

Step 5

After these changes have been performed, a new authentication option by FIDO2 key and / or FIDO2 card for opening the session will appear.