Microsoft launches passwordless authentication for Azure AD on iOS and Android

Phone security
(Image credit: Shutterstock)

Microsoft is looking to better protect hybrid workers connecting to its Azure Active Directory (AD) service via iOS or Android endpoints from phishing and password-stealing attacks. 

The company has introduced a new authentication method for the enterprise identity service that it says is a paswordless, certificate-based authentication (CBA) one, enabled through the YubiKey hardware security key, built by Yubico. 

According to Microsoft’s announcement, the tool will give mobile users Federal Information Processing Standards (FIPS) certified login solution, fully resistant to phishing attacks. 

Easy and secure authentication

“U.S. cybersecurity Executive Order 14028 requires the use of phishing-resistant MFA on all device platforms. On mobile, while customers can provision user certificates on their personal mobile device to be used for authentication, this is primarily feasible for managed mobile devices. But this new public preview unlocks support for BYOD,” Vimala Ranganathan, product manager of Microsoft Entra, wrote in the blog post announcing the new features. 

With the new solution, Microsoft AD users will be able to provision certificates with a hardware security key, allowing them to easily authenticate on mobile devices. Apple’s iOS users need to register via the Yubico Authenticator app, and copy the public certificate into the iOS keychain. After that, they can select the YubiKey certificate to sign in, and enter the PIN code. 

For Android users, Microsoft said Azure AD CBA support with YubiKey on Android mobile is enabled via the latest MSAL. Android users don’t need the YubiKey Authenticator app, as they can plug in their YubiKey via USB, initiate Azure AD CBA, pick the certificate from YubiKey, enter the PIN and get authenticated.

Microsoft claims this authentication method minimizes the chances of credential theft and identity theft, done through phishing or social engineering. 

“Microsoft’s mobile certificate-based solution coupled with the hardware security keys is a simple, convenient FIPS-certified phishing-resistant MFA method,” Ranganathan concluded. 

TOPICS

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

Read more
A fish hook is lying across a computer keyboard, representing a phishing attack on a computer system
Microsoft authentication system spoofed via phishing attack
Person using finger print authentication
Passwords out, passkeys in: The future of secure authentication
An abstract image of a lock against a digital background, denoting cybersecurity.
Building a resilient workforce security strategy
Security padlock in circuit board, digital encryption concept
MFA alone won’t protect you in 2025: the new cybersecurity imperative
Representational image of a shrouded hacker.
Getting to grips with Adversary-in-the-Middle threats
Microsoft
"Another pair of eyes" - Microsoft launches all-new Security Copilot Agents to give security teams the upper hand
Latest in Security
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Android Logo
Devious new Android malware uses a Microsoft tool to avoid being spotted
URL phishing
HaveIBeenPwned owner suffers phishing attack that stole his Mailchimp mailing list
Ransomware
Cl0p resurgence drives ransomware attacks to new highs in 2025
Google Chrome
Google Chrome security flaw could have let hackers spy on all your online habits
cybersecurity
Chinese government hackers allegedly spent years undetected in foreign phone networks
Latest in News
A young woman is working on a laptop in a relaxed office space.
I’ll admit, Microsoft’s new Windows 11 update surprised me with its usefulness, providing accessibility fixes, a gamepad keyboard layout, and PC spec cards
inZOI promotional material.
inZOI has become the most wishlisted game on Steam, but I wouldn't get too caught up in the hype
Xbox Series X and Xbox wireless controller set to a green background
Xbox Insiders are currently testing a new Game Hub feature that looks useful, but I've got mixed feelings about it
A stylized depiction of a padlocked WiFi symbol sitting in the centre of an interlocking vault.
Broadcom warns of worrying security flaws affecting VMware tools
Nespresso Vertuo Pop machine in Candy Pink with coffee drinks and capsules
My favorite Nespresso coffee maker just got a fresh new makeover, and now I love it even more
Microsoft Surface Laptop and Surface Pro devices on a table.
Hate Windows 11’s search? Microsoft is fixing it with AI, and that almost makes me want to buy a Copilot+ PC