HomeWinBuzzer NewsWindows 11: Microsoft Introduces Passwordless Policy for Entra ID-Joined Devices

Windows 11: Microsoft Introduces Passwordless Policy for Entra ID-Joined Devices


According to an announcement by , organizations that use Entra ID-joined devices can now opt for authentications via a new policy. This development was made possible via the September 2023 update for Windows 11, version 22H2. With this update in operation, Entra ID-joined devices can shift to a passwordless method, once enabled by an administrative policy shift.

Password-Less User Experience

Microsoft affirms that commercial organizations are now able to initiate the EnablePasswordlessExperience MDM policy from Microsoft Intune or another Mobile Device Management (MDM) solution to ensure a completely passwordless user experience on ID-joined Windows 11 machines. With the passwordless feature in place, no password prompt will be visible post the application of this policy. The absence of a password prompt will be observed during signing into a device's lock screen and during in-session authentication scenarios like password managers in a web browser, ‘Run as admin' situations and User Account Control (UAC).

Enhanced Authentication Options

Following the implementation of the passwordless policy, users will be presented with initial authentication options such as a security key, pin, Windows Hello, and fingerprint. Organizations are permitted to employ phishing-resistant methods, for instance, FIDO2 keys or Windows Hello for Business, which is Microsoft's biometric face scan authentication system. In case a user fails in authentication, options like PIN reset or Web sign-in can be utilized to help recover their credentials without the need of IT helpdesk engagement.

This update also allows Entra ID-joined devices to take advantage of a “Web sign-in” feature. This permits users to authenticate via the Microsoft Authenticator app or with a SAML-P federated identity. Following the completion of this update, Microsoft will offer the passwordless option to commercial users of Entra ID-joined Windows 11 alongside regular Microsoft account users, who gained access to this feature in 2021.

Markus Kasanmascheff
Markus Kasanmascheff
Markus is the founder of WinBuzzer and has been playing with Windows and technology for more than 25 years. He is holding a Master´s degree in International Economics and previously worked as Lead Windows Expert for Softonic.com.