Modern Workplace Brewer, MVP & MCT
chromium edge featured fido2 microsoft account setup Windows 10 yubico yubikey

Password-less login for Microsoft Accounts

by Jeroen Burgerhout 3 min read

Password-less login is since Windows 10 1809 available via the Edge Browser and also the Edge on Chromium browsers. But why should I login via a FIDO2 device like a Yubikey 5?

I hope that I can clearify some things up for this topic.
So I bought a Yubico Yubikey 5 NFC at Bol.com and configured it for my Microsoft Account.

What is a FIDO2 security key?

A FIDO2 key is not to be confused with a FIDO U2F security key, which works as a second authentication factor for a password. The FIDO2 security key replaces both but works much like a U2F key by using public key cryptography.
The user only has to press a button on the security key to log into a website if they use a browser (such as Edge) that supports the WebAuthn web API, which connects the FIDO 2 hardware to a website’s server.

How to setup a FIDO2 Key for your Microsoft account?

  1. First you need to have Windows 10 1809 and a supported Yubikey
  2. Start your Edge (or Edge Chromium) browser
  3. Sign in to your Microsoft Account at https://account.microsoft.com
  4. Go to the “Update your security info” tile
    2019-05-06_14-39-29
  5. Click on the “More security options” tile
    2019-05-24_14-43-30
  6. Click on “Set up a security key”
    2019-05-24_14-46-16
  7. Choose your type of security key. I will choose for USB device.
    2019-05-24_14-46-44
  8. Create a PIN for your security key
    2019-05-24_14-47-36
  9. Touch the golden sensor of the security key
    2019-05-24_14-48-08
  10. Click on Allow at the popup
    2019-05-24_14-48-22
  11. Give your security key a name
    2019-05-24_14-48-47
  12. And you’re all set
    2019-05-24_14-49-03
  13. Now sign out of your Microsoft account and try to sign in again with your security key. That should work.

At this moment the YubiKey 5 is not yet supported to log on into Windows 10. Hopefully this will be supported soon.

My conclusion

Uhm….. Oké, the Yubikey is handy to login at the Microsoft websites without filling in a password. But I had already the Authenticator App installed and configured for my Microsoft Account.
You can use the Yubikey at multiple computers. Login with the Yubikey is a little bit faster then login with the Authenticator App.

If you have some other question or comments about the Yubikey, leave them behind here below and I will contact you as soon as possible.

Read more posts by this author

Jeroen Burgerhout

Modern Workplace Brewer | MVP | MCT | Author | Microsoft 365 | Intune | Entra ID | CEO (Chief Everything Officer) | Founder @workplacedudes

The link has been copied!
You’ve successfully subscribed to Jeroen Burgerhout
Welcome back! You’ve successfully signed in.
Great! You’ve successfully signed up.
Success! Your email is updated.
Your link has expired
Success! Check your email for magic link to sign-in.