Microsoft has called for the end of passwords more than once in the past, and it's been making efforts to do away with them for quite some time now. Today, the company is taking one more step in that direction with the announcement of support for FIDO2 security keys in Azure Active Directory. FIDO2 security keys join the other methods os password-less authentication supported by Azure AD, including Windows Hello and the Microsoft Authenticator app.
In addition to support for physical security keys, Microsoft is introducing new ways organizations can adopt password-less sign-in across their devices.
First, there's a new tool in the Azure AD admin portal that lets you assign security keys or Microsoft Authenticator sign-in to users and groups. Second, the converged Registration portal makes it possible to create and manage FIDO2 security keys. Lastly, it's also now possible to use these keys to sign in to Windows 10 devices joined on Azure AD using the Edge and Firefox browsers.
If you're interested in moving your organization away from using traditional passwords, you can check Microsoft's guide on how to get started transitioning to password-less authentication, and FIDO2 keys specifically.