The first day of Ignite was a big one for Microsoft, customers and partners! One of the most exciting announcements was the Public Preview of Passwordless Sign-In using the Authenticator application. I decided, why not set this up in our test tenant as I HATE passwords!

Per Microsoft:

The Microsoft Authenticator app can be used to sign in to any Azure AD account without using a password. Similar to the technology of Windows Hello for Business, the Microsoft Authenticator uses key-based authentication to enable a user credential that is tied to a device and uses a biometric or PIN.

From <>

As of right now for the public preview, enabling is done through PowerShell. One could surmise this will soon be a checkbox in the portal.

First, we installed the AzureADPreview v2 PowerShell module and connected to Azure AD (Connect-AzureAD), then ran the following:

New-AzureADPolicy -Type AuthenticatorAppSignInPolicy -Definition ‘{“AuthenticatorAppSignInPolicy”:{“Enabled”:true}}’ -isOrganizationDefault $true -DisplayName AuthenticatorAppSignIn

Which returned the parameter set to True.

Next we opened up our Authenticator app and chose to enable Phone sign-in

Then we made sure our device was registered

enabled!

Note the new phone/key icon

Now let’s simply hit


And we’re in!

Enjoy your passwordless future!

Leave a Reply

Your email address will not be published. Required fields are marked *