Steve: Hey everybody, welcome back to 3in3. The topic for today is passwordless authentication with Azure AD. I’ve got Tyler Plesetz with me again who is one of our Senior Consultants on the Digital Workplace team, so let’s jump right in.

Tyler, what is Passwordless Authentication with Azure AD?


Tyler: So, Passwordless Authentication with Azure AD is a methodology for allowing users to access their work account without having to enter their password as it sounds. And that’s really made of a couple different tools which are Windows Hello for business, what we call Phone Sign-in where you sign in using an authenticator app on your phone, and Fido2 compliant security keys.

Steve: Excellent, yes, I’ve been hearing a lot lately about companies moving away from simply using passwords and using other methods for authentication, so passwordless is one way to facilitate that.

Excellent, so then question number two, now that we know a little bit about it, why should customers be interesting or looking into [passwordless authentication]?


Tyler: So, what’s really important about Passwordless Authentication is it allows you to use multi-factor authentication without it being as cumbersome. Multi-factor authentication can feel cumbersome for users when they get prompted for it all the time. They enter their username, they enter their password, and then they have to go to their phone and respond to another prompt. With passwordless, you can sign in directly with a biometric or a security key or a prompt on your phone without ever having to enter your password. And that feels a lot more streamlined for the user and it’s more secure for them where they may not be motivated to create a simple password because they have to remember it all the time. If they don’t have to use their password very frequently, it’ll be easier for them to get into the routine of using the more complex password.

Steve: Excellent, I think that’s an important point. We want to make our customers environments more secure and also easier for the end user at the same time and this accomplishes both. Yes, 100%.

Alright so now that we know a little bit about passwordless and why it’s important, what should customers be doing about [passwordless authentication] today?


Tyler: So, it’s really easy to get going with a pilot with passwordless authentication. Within Azure AD, in the security console, you can turn on passwordless for subsets of users. You can enable it based on a group. So you can test it with your IT staff and testing users and they can get the feel for how it works and you can see how it fits your organization’s needs before rolling it out to a larger user base.

Steve: Excellent, yes, I would recommend a pilot obviously, with the goal being to secure the environment even more and make the experience even better for end users. Like you said, it’s easier to get started with a pilot. Certainly, if our customers want, or people watching want more information, just reach out to us a We’ve got experts like Tyler that can help out with any questions that you might have. So, thanks Tyler, this has been great. I appreciate your time and we’ll see everybody next time!