![]() That’s what the error message means to tell you but the wording confused me for a while. With one smartphone with the Microsoft Authenticator app installed, you cannot add multiple accounts on the phone for passwordless authentication (device registration) at this moment in time. I can register my security key with multiple accounts and be on my way. That, I can do this with my FIDO2 BioPass security key from FEITIAN just fine. What I need is a passwordless solution I can use with multiple accounts in the same and other tenants. Consultants, students, and others with multiple accounts in Azure AD can add each account to Microsoft Authenticator and use passwordless phone sign-in for. That’s why I like FIDO2 security keys with biometrics as a passwordless option. I log in with a different account depending on what work I need to do and what roles/rights this requires. I tend to have multiple accounts in an Azure AD. This is annoying when testing but it can also be annoying in real life. It is the passwordless scenario that doesn’t work under these conditions. (see screenshot below) This setting will be grayed out in Remote Desktop sessions. 2 Click/tap on Sign-in options on the left side, and turn On (default) or Off Require Windows Hello sign-in for Microsoft accounts for what you want on the right side. There can be only one.ĭo note that you can still use the authenticator app as an MFA method with your password. 1 Open Settings, and click/tap on the Accounts icon. My device is already registered for another user in Azure AD in that tenant. I already had another test user on that phone set up sign-in without a password. So we can only use our smartphone with the Microsoft Authenticator app in a single-tenant, with a single user. This means you can enable only one work or school account in the Microsoft Authenticator app for passwordless sign-in. I already have this device registered for another accountĬurrently, you can only register a device in a single tenant.
0 Comments
Leave a Reply. |