I have been running passwordless now for a couple of months. My logon to Windows 10 device is using Windows Hello for Business and my Android access is using the Authenticator App.
In this article we concentrate on the Authenticator App and authentication with this.
The first task is to make sure that the Microsoft Authenticator app is enabled. I was also using the Temporary Access Pass so that a password was never set against the user from AD.
I set the Temporary Pass settings as below:
Once setup you can find the user in Azure AD. You choose the option to reset the password
I then logged on with my user account to https://mysignins.microsoft.com/security-info and setup the Authenticator app and then set as my default sign-in method.
It this point you open the Authenticator app on your phone choose your profile and “Setup phone sign-in, sign in without a password”. The phone then goes through the device registration.
Now when i go to logon to Azure/M365 i am faced with an approve sign in box which i match on my phone authenticator app.
That’s one less password to have to remember and the chance of the identity credentials being compromised reduced.