Control: Azure > CIS v5.0 > 5 - Identity Services > 5.28 - Ensure passwordless authentication methods are considered
Configures auditing against a CIS Benchmark item.
Level: 1
Passwordless authentication methods improve security and user experience by replacing passwords with something you have (e.g., a hardware key), something you are (biometrics), or something you know, offering a convenient and secure way to access resources.
Microsoft Entra ID and Azure Government integrate the following passwordless authentication options: - Windows Hello for Business - Platform Credential for macOS - Platform single sign-on (PSSO) for macOS with smart card authentication - Microsoft Authenticator - Passkeys (FIDO2) - Certificate-based authentication
Using passwordless authentication makes sign-in easier and more secure by removing passwords, helping to protect organizations from attacks and improving the user experience.
Resource Types
This control targets the following resource types:
Policies
This control type relies on these other policies when running actions:
- Azure > CIS v5.0 > Maximum Attestation Duration
- Azure > CIS v5.0 > 5 - Identity Services > 5.28 - Ensure passwordless authentication methods are considered > Attestation
- Azure > CIS v5.0
- Azure > CIS v5.0 > 5 - Identity Services > 5.28 - Ensure passwordless authentication methods are considered
- Azure > CIS v5.0 > 5 - Identity Services
- Azure > CIS v5.0 > 5 - Identity Services > Maximum Attestation Duration
Category
In Your Workspace
Developers
- tmod:@turbot/azure-cisv5-0#/control/types/r0528
- tmod:@turbot/cis#/control/categories/v071603
- turbot graphql controls --filter "controlTypeId:tmod:@turbot/azure-cisv5-0#/control/types/r0528"
Get Controls