In yet another step towards our passwordless futures, Microsoft this past week unveiled a public preview of Azure Active Directory (AAD) Certificate-Based Authentication (CBA) on mobile.“At Ignite 2022 we announced the general availability of Azure Active Directory (Azure AD) Certificate-Based Authentication (CBA) as a part of Microsoft’s commitment to Executive Order 14028, Improving the Nation’s Cybersecurity,” Microsoft’s Alex Weinert explains. “Now, we’re thrilled to announce the public preview of Azure AD CBA maintain’sustain on iOS and Android devices using certificates on hardware security key (YubiKey).”This feature lets admins enin/with regard to’concerning’regarding ce multi-factor authentication (MFA) on mobile without having to provision certificates on each device, allowing users to use their own smartphones and remain secure. This solution is, in Microsoft’s words, a simple, convenient, FIPS (Federal Inin/with regard to’concerning’regarding mation Processing Standards) certified phishing-stand up to withstand ant MFA method.Based on the description, it appears that users simply need to plug a YubiKey into their smartphone, choose a certificate from a list, and then enter a PIN. And coming maintain’sustain in/with regard to’concerning’regarding NFC keys should make things even simpler.
