Secure Sign-In to Microsoft Apps on Android Using Passkeys and Authentication Broker

Microsoft Entra ID users can now enhance their security and convenience by signing in to
Microsoft apps on Android devices using a passkey through an authentication broker, such
as Microsoft Authenticator or Intune Company Portal. This new feature leverages
Microsoft’s passwordless technology, allowing for a secure and seamless sign-in
experience across devices.

Overview: Microsoft Entra ID Passkey Authentication

Microsoft Entra ID provides multiple secure authentication methods, including multi-factor
authentication (MFA), biometric recognition, and passwordless options, all designed to
safeguard accounts and protect user identities. With this update, Android users can now
register and use passkeys through Microsoft Authenticator for Microsoft apps, creating a
frictionless sign-in process without traditional passwords.

For more information on Entra ID passkey authentication (FIDO2) across apps, browsers,
and systems, check out our blog post on Entra ID Authentication Methods.

Features and Capabilities of Passkeys in Microsoft Authenticator

In the public preview of passkeys, Microsoft Authenticator now includes:

  • Admin-Controlled Attestation: Admins can require attestation during passkey
    registration.
  • Enhanced Android Compatibility: Android native apps now support passkey-based
    sign-ins, guiding users through all necessary steps for a secure, passwordless setup.

Moving to Unified Authentication Policies with the Migration Tool

To transition to the new Authentication Methods, Microsoft has introduced the
Authentication Methods Migration Tool. This helps organizations easily migrate from older
MFA and Self-Service Password Reset (SSPR) policies to a unified approach before
September 2025.

Using Passkeys for Microsoft Apps on Android

For Android 14 or later, users can choose from three sign-in methods with passkeys:

  1. Same-Device Authentication in a Browser: Open your browser, select the passkey
    option, and authenticate with face recognition, fingerprint, PIN, or security key.
  2. Cross-Device Authentication: With Bluetooth-enabled devices, use a Windows PC
    to initiate sign-in and verify using the passkey on your Android device.
  3. Same-Device Authentication in Native Apps: Use the Authenticator app to sign in to
    Microsoft native apps like OneDrive and Outlook with a passkey.

FIDO2 Support with Microsoft Entra ID

Microsoft Entra ID now supports FIDO2 authentication, offering users the ability to sign in to
Microsoft applications without passwords. In preview, FIDO2 authentication is also
accessible to third-party applications through the authentication broker.

Supported Authentication Brokers by Operating System
