AlanApr 15

I wish Microsoft account (personal) was a bit better documented. 🤯

It's possible to add a #passkey / Windows Hello, without having provided 2FA. Naturally, you can't turn around and use that passkey as 2FA.

But if you sign in with that passkey and then provide 2FA, Microsoft sets a flag and you can use the passkey as 2FA going forward.

(By default, 2FA is required for some actions like opening "Additional security options".)

Show threadSALT🧂
@sourcejedi This is good to know. I thought that an existing 2FA method was required to add passkey.
Apr 15 at 10:16amMastodon for iOS
Show threadAlanApr 15
@0f1ab009
If you haven't turned on "two step verification", and you sign in on a new device, it may automatically invite you to save a passkey on the new device. It does not ask for any extra verification to do that.