Share via

Implementing Passwordless Sign-In for Student Devices in Intune-Azure AD Environment

Aran Billen 826 Reputation points
2024-10-08T21:45:42.08+00:00

I’m exploring the implementation of passwordless sign-in for student devices that are already Intune-managed and Azure AD-joined, with existing passwords and Azure AD usernames. Here’s what I’d like to achieve:

  • Best Approach: What would be the most effective method for transitioning these devices to passwordless sign-in?
  • Steps Needed: What are the specific steps involved in enabling passwordless authentication for these devices?
  • Current Passwords: What happens to the students' existing passwords once the transition to passwordless authentication is complete?
  • Login Process: How would students log in to their devices under the new system?
  • Minimal Setup for Students: Is it possible to minimize the setup required from the students' side to ensure a smooth transition?
  • Authentication Devices: Students will only be able to use their school-issued devices (no mobile phones or other personal devices) for authentication. Is this scenario feasible?

Additionally, I'd like to understand how the student experience would look like during and after the transition.

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
9,679 questions
Microsoft Intune Security
Microsoft Intune Security
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Security: The precautions taken to guard against crime, attack, sabotage, espionage, or another threat.
419 questions
Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,899 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,083 questions
Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
21,823 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.

    Comments have been turned off. Learn more

  2. Crystal-MSFT 48,756 Reputation points Microsoft Vendor
    2024-10-10T02:34:26.6766667+00:00

    @Aran Billen, Thanks for posting in Q&A. To configure the passwordless sign in method on windows device, you can configure windows Hello for Business. After windows hello for business policy is applied, we can configure PIN or others to login the windows. For current password, this is still not under the user object. It will not affect.

    https://zcusa.951200.xyz/en-us/windows/security/identity-protection/hello-for-business/configure#configure-windows-hello-for-business-using-microsoft-intune

    Meanwhile, for students, here is a link describe passwordless. You can also read it as a reference.

    https://zcusa.951200.xyz/en-us/microsoft-365/education/deploy/protect-passwordless-students?tabs=windows#configure-devices

    Hope the above information can help.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.