Passkeys do not work with Microsoft 365
When I go to add PassKeys to my MIcrosoft 365 portal it fails at the last step.
https://mysignins.microsoft.com/security-info
Same error in Chrome and Brave.
I was able to cancel the 1Password enrollment process and enroll a YubiKey just fine.
1Password Version: 1Password for Mac 8.10.7 (81007041)
Extension Version: 2.12.0
OS Version: 13.4
Browser:_ Brave
Comments
-
Contrary to what the passkey key directory site by 1Password says, Microsoft don’t support them yet
0 -
This content has been removed.
-
I can reproduce both, i.e. I am able to add a Passkey to my personal Microsoft account in Edge. On Firefox, 1Password reported an unknown error before it was able to save the actual passkey. For work accounts, I also get stuck in the naming step.
0 -
I can still reproduce the issue with Microsoft 365 with version 2.12.2 of the Firefox extension.
0 -
Hey @leonardder!
On Firefox, 1Password reported an unknown error before it was able to save the actual passkey.
This is a known issue that we've been able to reproduce. I'll add your instance of the issue to the ticket we're using to track the behavior. Hopefully our developers can come up with a fix for it in the future.
As for saving passkeys for work and school accounts, that appears to be an issue on the Microsoft side of things. I recommend reporting it to Microsoft: https://support.microsoft.com/en-us/contactus
Passkeys are quite new, so hopefully we'll see lots of improvements from our side and from other companies as they implement passkey support on their websites. Please let us know if you have any other questions or need more help!
ref: dev/core/core#22428
1 -
@Joy_1P Thanks for the feedback!
0 -
@leonardder You're welcome!
0 -
Hey @razeth,
I have taken a look at the internal issue and we are having some trouble reliably reproducing this one. Can you reproduce the issue and send over some additional details to help us with our investigation? Here's how: https://support.1password.com/cs/extension-console-log/.
Please attach the console log to an email message addressed to support+forum@1password.com with a link to this thread.
You should receive an automated reply from our BitBot assistant with a Support ID number. Please post that number here. Thanks very much!
0 -
In 1Password, I see this for my entry for my work login to Microsoft 365:
But when I go through the “use passkey” flow, it takes me to a page whose URL starts with
https://login.live.com/login.srfand when I try to log in, I get the error “That Microsoft account doesn't exist. Enter a different account or get a new one.”That error is I believe due to the fact that there are different login URLs for Microsoft depending on whether it’s a home account or a work/school account.
I also notice that I only get offered the passkey option when
microsoftonline.comis one of the websites listed for this login. So I’m guessing that it’s 1Password logic that is sending me to login.live.com, and I think it should be sending me to some other login page that works with a work/school account.Is there a way I can tell 1Password to use the work/school login?
1Password Version: 8.10.16
Extension Version: 2.15.1
OS Version: macOS 13.6
Browser: Chrome0 -
Hey @dcoletta,
You're right, at some point in the past, login.live.com and microsoftonline.com shared the same sign in credentials which has been added to our historical shared credentials list. This list combines login.live.com and microsoftonline.com under one domain so to speak, which explains why the Watchtower passkey banner is taking you to the incorrect page.
This is not the intended behaviour and I've gone ahead and raised this with our development team to investigate further, thank you for bringing this to our attention.
If you go directly to microsoftonline.com and sign in to your account, is there an option to add a passkey within your account settings?
ref: dev/core/core#24202
0 -
It seems like there ought to be a way to add a passkey in account settings, but I can’t find it, and Google’s no help.
https://mysignins.microsoft.com/security-infois where I would expect to see the option, but it’s not there:
0 -
Am I right that now Passkey only is available for personal Microsoft accounts and not for school and business accounts?
When I try to setup the passkey I will be redirected to: https://login.live.com/1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Browser: Not Provided0 -
I have not been able to setup a passkey with Microsoft either. It seems the only option is to use the MS Authenticator app.
0 -
@dcoletta that is the correct area to add 2FA methods, but Microsoft haven't yet implemented support for Passkeys in Entra ID (formerly Azure AD). That's the system that Microsoft 365 uses for authentication.
Your admins have the option to enable 'Security Key' in the list, if they do this. But that does not enable the support for Passkeys.
1 -
It works fine for Personal accounts with Microsoft (e.g. outlook.com or hotmail.com).
It does not work for Microsoft 365 Business accounts since Microsoft does not support Passkeys for those accounts at this time.
1 -
1Password's watchtower falsely lists passkey availability on a few sites including Microsoft 365. It is available for Microsoft Personal accounts like outlook.com, hotmail.com, etc.
https://1password.community/discussion/140574/passkeys-do-not-work-with-microsoft-365
0 -
Thanks for the update @wavesound!
0 -
Yes I also can reproduce this and reported to Microsoft
0 -
Hey @Piebas,
That's right. We have an internal issue filed to see if we can better separate the distinction between Microsoft 365 work/school accounts and Microsoft accounts for personal use.
Sorry for any confusion caused!
1 -
Hey @dcoletta, @OAW, @ajh0912, @wavesound,
Apologies for any confusion caused, passkeys are not yet available on Microsoft 365 work/school accounts it seems its only personal Microsoft accounts.
1 -
@steph.giles I’m experiencing this issue with my Microsoft 365 personal account. It presents no option to as they term it … go “passwordless” … except via MS Authenticator.
0 -
ok, clear.
Did you know when it's also working for work/school accounts?0 -
Thank you @eenturk!
1 -
Thanks for getting back to me @Piebas
I'm afraid I am unsure of a timeframe for when work/school accounts will support passkeys, apologies I can't be of more help at this time.
Please let us know if there's anything else we can help with at all.
0 -
Hi @OAW,
I'm sorry that you're experiencing trouble when trying to save the passkey for your personal Microsoft account. It sounds like you're clicking the "Passwordless account" option on the Security settings page. This option is for going passwordless by using Microsoft Authenticator to authenticate, rather than using a passkey. In order to add a passkey, you can use the following steps while on the Security page:
- In the Ways to prove who you are section, click "Add a new way to sign in or verify".
- Click the "Use your Windows PC" option.
- Click "Next".
- The 1Password "Save passkey" prompt will appear. Make sure the correct item is selected, then click "Save" to save the passkey to the item.
I should also mention that this is only possible on the Microsoft website at the moment with non-Safari browsers .
Let us know if that works for you.
0 -
With the latest nightly or stable builds of 1Password, I can't either use the scan qr code thing.. anyone else?
Microsoft surely enabled Passkey but only for livingontheEdge browser they have. :)0
