Passwordless Authentication with YubiKey/FIDO2: Demos with Azure AD and Okta for Citrix Cloud

In today’s digital age, cyber threats have become increasingly sophisticated and password-based authentication has become vulnerable to attacks. That’s why passwordless authentication with YubiKey/FIDO2 has become an important aspect of modern security solutions. With passwordless authentication, users no longer need to remember and type in complex passwords, making the login process faster, more efficient, and more secure.

In this blog, we’ll present two demos that show how to integrate YubiKey/FIDO2 with both Azure Active Directory (AD) and Okta. With either identity provider, you can use the YubiKey in passwordless mode or as an additional factor under a hardened authentication policy.

Demo 1: Complete Passwordless Authentication with Azure AD and Citrix Cloud

With this demo, we’ll show you how to enable complete passwordless authentication with Azure AD and Citrix Cloud using YubiKey/FIDO2. This integration provides a secure and seamless way for users to access their virtual desktops and apps.

To set up passwordless authentication with Azure AD and Citrix Cloud using YubiKey/FIDO2, follow these steps:

  1. Make sure your organization is running Azure AD and Citrix Workspace app version 2101 or later.
  2. Install the YubiKey authenticator app on your mobile device.
  3. Register your YubiKey to your Azure AD account.
  4. Configure Azure AD to use YubiKey as an MFA method for passwordless authentication.
  5. Configure Citrix Cloud to use Azure AD as the identity provider.
  6. Enjoy complete passwordless authentication with YubiKey/FIDO2 when accessing your virtual desktops and apps in Citrix Cloud.
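For step 4, the Azure AD FIDO2 settings can be checked after configuration. The following is an added example, not part of the original post: it audits the FIDO2 authentication method configuration in the shape Microsoft Graph returns it. The sample policies, the placeholder AAGUID and the strict baseline (attestation enforced, AAGUID allow list) are assumptions of this example.

```python
import json

# Constructed sample in the shape Microsoft Graph returns for
# GET /policies/authenticationMethodsPolicy/authenticationMethodConfigurations/fido2
# Values are illustrative, not taken from a real tenant.
WEAK_POLICY = json.loads("""{
  "id": "Fido2",
  "state": "enabled",
  "isSelfServiceRegistrationAllowed": true,
  "isAttestationEnforced": false,
  "keyRestrictions": {"isEnforced": false, "enforcementType": "block", "aaGuids": []},
  "includeTargets": [{"targetType": "group", "id": "all_users", "isRegistrationRequired": false}]
}""")

# Same policy with the stricter settings; the AAGUID is a placeholder,
# not a real YubiKey model identifier.
HARDENED_POLICY = dict(
    WEAK_POLICY,
    isAttestationEnforced=True,
    keyRestrictions={
        "isEnforced": True,
        "enforcementType": "allow",
        "aaGuids": ["00000000-0000-0000-0000-000000000001"],
    },
)


def audit_fido2_policy(policy):
    """Return a list of findings; an empty list means the baseline is met."""
    findings = []
    if policy.get("state") != "enabled":
        findings.append("FIDO2 method is not enabled")
    if not policy.get("isAttestationEnforced", False):
        findings.append("attestation is not enforced at registration")
    restrictions = policy.get("keyRestrictions") or {}
    if not restrictions.get("isEnforced", False):
        findings.append("key restrictions are not enforced")
    elif restrictions.get("enforcementType") != "allow":
        findings.append("key restrictions use a block list, not an allow list")
    elif not restrictions.get("aaGuids"):
        findings.append("allow list is empty, no key can be registered")
    if not policy.get("includeTargets"):
        findings.append("no users or groups are targeted")
    return findings


if __name__ == "__main__":
    for name, policy in (("weak", WEAK_POLICY), ("hardened", HARDENED_POLICY)):
        print(name, audit_fido2_policy(policy) or "OK")
```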

Demo 2: Hardened Policy Authentication with Okta and YubiKey/FIDO2

With this demo, we’ll show you how to enable hardened policy authentication with Okta and YubiKey/FIDO2. This integration provides an additional layer of security for users who prefer a more stringent authentication policy. I am using username and password for the first factor, but this can be replaced with a push notification or a time-based one-time token to achieve a passwordless experience.

To set up hardened policy authentication with Okta and YubiKey/FIDO2, follow these steps:

  1. Make sure your organization is running Okta and the YubiKey authenticator app on your mobile device.
  2. Register your YubiKey to your Okta account.
  3. Configure Okta to use YubiKey as a factor for hardened policy authentication.
  4. Enjoy the added security of YubiKey/FIDO2 as an additional factor when accessing your Okta account.

In conclusion, passwordless authentication with YubiKey/FIDO2 has become an essential aspect of modern security solutions. With these two demos, you can easily integrate YubiKey/FIDO2 with Azure AD and Okta, and enjoy the added benefits of passwordless authentication or a more stringent authentication policy. With YubiKey/FIDO2, you can ensure that your organization is protected against cyber threats and provide your users with a seamless and secure authentication experience.
