This is a compelling story. No iOS support yet but it's coming soon.

@merill while I’m a huge fan of the usability benefit, and this is unquestionably a good thing for regular users…

…it does bother me that we are slinging key material around which was supposed to be hardware-bound.

@markeldo I think the goal was to replace passwords.

If we are going to get the world to adopt passkeys over passwords this might be the only way.

@markeldo But 100% agree with the concerns.

@merill related, is there any way in Entra to identify whether a passkey/FIDO2 authenticator is hardware-bound (like a YubiKey or TPM), or software-bound like Google Authenticator/iCloud/1Password?

I thought no, but maybe there’s something new in the WebAuthn standard?

@markeldo The sign-in logs in Entra include info on the passkey that was used.