Glossary
FIDO2
A phishing-resistant authentication standard supported by Microsoft Entra ID via hardware keys and passkeys.
FIDO2 is an open authentication standard from the FIDO Alliance, designed to replace passwords with strong cryptographic credentials that are phishing-resistant. A FIDO2 credential is a key pair generated on a device — typically a hardware security key (YubiKey, Feitian, Token2) or stored in the OS keychain as a passkey — that signs a challenge from the relying party (Entra ID). Microsoft Entra ID supports FIDO2 sign-in across web, Windows, Mac, iOS, and Android, including the WebAuthn browser API. Combined with Conditional Access, FIDO2 enables true passwordless sign-in for admins and high-risk users.