FIDO Security Keys
Passwordless, phishing-resistant authentication for your organisation.
What are FIDO Security Keys?
FIDO (Fast Identity Online) is an open standard for passwordless authentication.
FIDO2 security keys are physical devices that users plug in or tap to verify their identity.
FIDO2 keys replace passwords with secure, hardware-backed credentials that are easy to use and hard to steal.
How FIDO Works
- The key stores a private cryptographic credential.
- When signing in, the key proves identity without transmitting a password.
- It’s bound to the device and user, making it resistant to phishing and replay attacks.
Benefits of FIDO Security Keys
- Security: No passwords to steal or phish.
- Usability: Tap or insert the key—no codes or apps.
- Portability: Works across devices and platforms.
- Compliance: Meets strong authentication standards (FIDO2, WebAuthn).
FIDO in Microsoft Entra
Microsoft Entra supports FIDO2 keys for:
- Passwordless sign-in to
- Windows and web apps
- MFA scenarios
- Shared device environments
Real-world Use Cases
- Retail stores with shared tills
- Warehouses and kiosks
- Healthcare stations
- Shared manager accounts
Where EntraAssist Comes In
- FIDOassist manages key ownership, lifecycle, and shared account mapping.
- Tracks who used which shared account, when—via Microsoft Entra logs.
- Supports multiple brands of FIDO2 keys.
- Adds audit trails and compliance workflows for key issuance and retirement.