Azure Active Directory

Welcome to the Azure Active Directory suggestions and feedback site! We love hearing from you. If you have suggestions, please submit an idea or vote up an idea. We are monitoring the site actively.

Thank you for joining our community and helping improve Azure AD!

Wehave a new log in experience integrated with Azure AD, and we stronglyrecommend you log in with your Azure AD (Office 365) account. If yourUserVoice account is the same email address as your Azure AD account, yourprevious activities will be automatically mapped to your Azure AD account.  You can read more here for details: https://techcommunity.microsoft.com/t5/Azure-Active-Directory-Identity/Putting-customers-first-for-f...

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Adding YubiKey Support to Azure AD and Edge on iOS/iPadOS

    YubiKey's 5Ci security keys allows password-less authentication via Lightning connector. It's the first security key that can plug into a iPhone or iPad Lightning port and USB-C port. Several apps supports authentication such as Brave, a browser app based on Chromium.
    https://brave.com/partnership-with-yubico/

    It would be great if Azure Active Directory and Edge supports the YubiKey for password-less authentication.

    There is also an upcoming SDK to support the new NFC authentication capabilities in iOS. This will allow FIDO2 authentication over NFC and Lightning as well.
    https://www.yubico.com/2019/09/yubico-ios-authentication-expands-to-include-nfc/

    22 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    3 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  2. Passwordless Signon with single device and multiple accounts

    The current implementation of Azure AD passwordless signon only permits one account per device, per tenant. So I can have my "regular" Office 365 account protected and passwordless using the MS Authenticator app, but I can't also setup my Office 365 Admin account (or vice versa). For the typical user with only one account this is fine, but as an admin I would prefer the security benefits of going passwordless on my admin account as well.

    17 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  3. Add passwordless sign-in for Apple Watch

    The password less sign-in option only works with the authenticator app on the phone and not on the Apple Watch ("Request type not supported on your watch"). It would be most convenient to be able to have this supported on the Apple Watch as well.

    8 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  4. Adding Touch ID Support for MFA/password-less on Chromium (macOS)

    Google has added fingerprint authentication on Chrome including support of Apple's biometric sensors "Touch ID" last year:
    https://www.chromestatus.com/feature/5962264427364352

    This seems to be implemented via Web Authentication API.
    It would be awesome to use Touch ID as 2nd Factor or password-less option in Azure Active Directory. Currently you are able to choose between NFC and USB only (tested on lastest build of Chrome).

    It would be even better if Edge Chromium supported the built-in fingerprint of MacBooks. :)
    However, it seems to be a limitation of Azure Active Directory.

    6 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  5. Enable "Sign in with a security key" option from any sign-in page (e.g. in case of frequency passed)

    End-user experience of password-less sign-in options is broken in some user scenarios.

    Example: The "Sign in with a security key" option is not available on sign-in page after the sign-in frequency passed (Conditional Access session policy).

    5 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    2 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  6. AAD-FIDO2 Integration

    As per below url,

    https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-authentication-passwordless-phone

    AAD & FIDO integration is possible using Azure portal & MS self service portal "https://myprofile.microsoft.com".

    Is this integration can be accomplished, programmatically via graph api endpoints or any other rest end points?

    3 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  7. Support FIDO2 for Hybrid Azure AD joined devices

    Hybrid Azure AD joined is one of the approach that easily adopted by the company whom currently running with On-Prem AD. Unfortunately, FIDO2 is compatible with Azure AD join only. It would be great if it support Hybrid Azure AD Joined devices as well.

    Do you a preview program for the testing or expected timeline to release this?

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  8. Login with printable badges for K-3 students to SSO applications.

    We'd like the capability to login with printable badges for K-3 students to SSO applications in Azure AD. So that they can simply scan their badge that the teacher made for them and get into the application. Similar to the https://clever.com/products/badges. This would fit into the passwordless signon but not require phones as students may not have phones.

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  9. Fix the bugs in the Passwordless Authenticator Experience

    There are three major issues with the Passwordless Experience:

    1)

    Logging in via the web is still sometimes a confusing experience with passwordless enabled.

    The "Sign In" page is presented, and the dialog says "We'll send a sign-in request to your phone". But, the sign in request is already sent before the user clicks the button. So, what is happening to our users initially is that they hear/feel the prompt on their phone and go there. It asks for a number. Then they go back to their desktop and have to click the button to "Send notification" even though it's…

    2 votes
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  10. 598500816

    598500816

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  11. 1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  12. МОЛЯ ЗА ПОМОЩ. нещо обърках при регистрацията на акаунт изпратен от госпожата и сега не ми приема паролата и немога да напиша кода за потвър

    МОЛЯ ЗА ПОМОЩ. нещо обърках при регистрацията на акаунт изпратен от госпожата и сега не ми приема паролата и немога да напиша кода за потвърждение на имайла

    това е потребителското име : is54813426@edu.mon.bg

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  13. Mandate the use of FIDO2 security key

    Hello,

    let us mandate a specific login method. E.g. login only possible via security key.

    As it is now, security keys are only optional and ADD-ON to the existing methods. For configuring a security key in the first place, one needs to set-up MFA with SMS/Phone before.

    But what good is a security key if a malicious somebody can just choose "sign in with another method" and then choose SMS, when SMS based MFA is discouraged everywhere because of security concerns.

    I would like to see something as in Google's advanced protection programme. True, this is not passwordless, but then…

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  14. I WOULD LIKE TO SPEAK TO SOMEBODY

    IS THERE A PHONE NUMBER?

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  15. Provide ability to prevent sign in with a password when passwordless is enabled

    Want to stop users being able to login with a standard password (with or without MFA) when passwordless has been enabled.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  16. Jag förstår ingeting!!!!!!!!!!!!!!!!!!!!!

    VARFÖR FUNGERAR INTE LÖSENORDET???????????????
    VARFÖR MÅSTE MAN BEGÄRA NYTT LÖSENORD???????????????????????

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  17. No passwords

    No more asking for passwords

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  18. Drop-down list is not supported on Password-Base SSO in Azure AD

    A drop-down list is not supported on Password-Base SSO in AzureAD.
    I would like to set a case of the attached file.
    I can not set a user ID on Password-Base SSO because I have to select a domain name by the drop-down list on the HTML site.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  19. Passwordless Sigin in

    Hi Folks,

    I have did all the setup for the Passwordless Sign in for the Windows 10 for the YubiKey 5 NFC I am facing issue in the Sign in window I am not getting that Security Key icon in the login screen I have enabled the Security key sign in using the WIndows Configurationmanager PPKG file . Any ideas what could be missing ?

    Regards,

    Mithun M

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    1 comment  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  20. Support passwordless sign-in for AAD Join

    Currently getting an access denied error (80004005) when attempting to AAD Join with app sign-in. Needed to type password + MFA challenge instead. Windows 10 1809.

    1 vote
    Sign in
    (thinking…)
    Sign in with: Microsoft
    Signed in as (Sign out)

    We’ll send you updates on this idea

    0 comments  ·  Passwordless  ·  Flag idea as inappropriate…  ·  Admin →
  • Don't see your idea?

Feedback and Knowledge Base