News

Microsoft Enables Windows 11 Passwordless Option

Organizations with Entra ID-joined Windows 11 devices can now switch them over to passwordless authentications using a new policy option, Microsoft suggested this week.

Organizations can use Microsoft Intune or another mobile device management solution to set the policy, which was eanbled via a "September 2023 update for Windows 11, version 22H2," the announcement indicated. Here's Microsoft's statement to that effect:

Commercial organizations can now set the EnablePasswordlessExperience MDM policy from Intune or another MDM to enable a fully passwordless user experience on Microsoft Entra ID joined [Windows 11] machines.

By passwordless, Microsoft means that users so switched won't see a password prompt at all after the policy has been applied. The password prompt will be absent when signing into a device's lock screen. It also won't be there for "in-session auth scenarios like password managers in a web browser, 'Run as' admin scenarios, and User Account Control (UAC)," the announcement explained. Also, the Windows 11 Settings app won't show the "Change password" option after the passwordless policy has been applied, Microsoft indicated, in this document.

After the passwordless policy is applied, users will see initial authentication options as "security key, pin, Windows Hello, and fingerprint." Organizations can use phishing-resistant approaches, such as FIDO2 keys or Windows Hello for Business, which is Microsoft's biometric (face scan) authentication scheme.

Organizations going passwordless have options should a user fail to authenticate. "If the user fails to sign in, recovery mechanisms such as PIN reset or Web sign-in can be used to help the user recover their credentials without IT helpdesk engagement," the announcement indicated.

Microsoft's Sept. 2023 update to Windows 11 version 22H2 also ushered in the ability for Entra ID-joined devices to use a "Web sign-in" feature, as explained in this document. It permits users to "sign in with the Microsoft Authenticator app or with a SAML-P federated identity."

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

Featured

  • An image of planes flying around a globe

    2025 Microsoft Conference Calendar: For Partners, IT Pros and Developers

    Here's your guide to all the IT training sessions, partner meet-ups and annual Microsoft conferences you won't want to miss.

  • Notebook

    Microsoft Centers AI, Security and Partner Dogfooding at MCAPS

    Microsoft's second annual MCAPS for Partners event took place Tuesday, delivering a volley of updates and directives for its partners for fiscal 2026.

  • Microsoft Layoffs: AI Is the Obvious Elephant in the Room

    As Microsoft doubles down on an $80 billion bet on AI this fiscal year, its workforce reductions are drawing scrutiny over whether AI's ascent is quietly reshaping its human capital strategy, even as official messaging avoids drawing a direct line.

  • Microsoft CSPs To Start Selling Windows 10 ESU this Fall

    Organizations that want to extend the life of their Windows 10 PCs can begin buying extension plans from Microsoft's Cloud Solution Provider (CSP) partners on Sept. 1.

Most   Popular