Logon to your Windows 10 device with Azure AD and Security Key
![](/post/2020/05/windows10-logon-aad-security-key/featured_huba933b98eda01c490f5d7863fba419ac_182069_15b265e8bed10fd54d21f38570f5ca07.webp)
Intro
In this blog I will show how you can use a Security Key from for example Yubico or eWBM to logon to your device with an Azure AD account.
How to configure it
Go to the following URL: https://myprofile.microsoft.com you will get something like the following screen.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-001_hubce158b30b257dc65066b2cfb5ef4152_138703_20b515332c4b7fb793a3b70fc31bb60f.webp)
In the MyProfile portal you can do the following things:
- Password, here you can change your password.
- Devices, view, and manage your devices connected to your account.
- My sign-ins (preview), see when you or someone else did try to sign in with your account, it’s still in preview but very interesting to see that people use your e-mail address to try to hack your account.
- Organizations, see all the organizations that you’re a part of, so all the azure tenants that you have a guest account in.
- Privacy, will show you how the privacy settings are configured in your organization.
- Subscriptions, will show you witch licenses you have assigned to your account.
- Security info, manage like security key’s, MFA, Phone numbers, Authentication App. Alternate e-mail, App Passwords.
So we will go to the Security Info tile to configure there our Security Key from eWBM with a fingerprint.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-002_huddf6209fec752321829b26aad636cdc2_10683_1169c3df11920651e0963692600377d2.webp)
Now you see that I already have many different sign-in methods have configured, like my mobile number, office number, App Password, Microsoft Authenticator App, a Security Key from yubico and an alternative e-mail address outside of the tenant.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-003_hu8e32ff643c15baeb9d6e9e0ed8c83bdf_40045_b0400ea4fbb8f0bb5b5334d99d6694ae.webp)
We will click on the ‘Add method’ to add our eWBM security key with a fingerprint.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-004_hu9591b8db9e90c87448e68e132052c257_11112_26c2a49c139ee098cf8413ce5a34f801.webp)
and select from the method list ‘Security key’
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-005_hu500c23868145a6633ecd1568b95c86e7_7907_68349ad3577d3cce1e717daf751b64e3.webp)
then you can choose between a USB or NFC device for example, the Yubico has NFC in his device but no fingerprint yet like the eBWM. So we did choose the USB device option.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-006_hub178e44abbaa4c9789d8c7fe4462f927_9574_bbc0651b53f470f0a555c6d34a547e30.webp)
Now you have to insert the USB Security key in de USB port when we click next.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-007_hu1677fddb5f825705413592385f5dcf26_15939_a2bf2e84f4b192a2dbc125d0b7d4df81.webp)
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-011_hu24cf1d1b8e6a58d04d67c3c4a3ba441d_10225_dbb94379f9fe5568363eea1797e38156.webp)
You see here two screens the first one in black will normally stand over the white one, so we click ‘OK’
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-008_hud815fef55a1e90a1720b4772f9b2e235_183202_06be05168daade06b4bfb0fdbadad523.webp)
you have now to agree that Microsoft will save your credentials on the security key.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-009_hu47bd0b00475ac7e506f869c49c1504d8_16698_cecc9bca7be0ac1800eb219f09af1640.webp)
you are asked to touch the fingerprint on the security key.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-010_hu2b7cafaa684c51935c94736f3cc6bef5_7917_aae38440581f0e94aeec9308e10c6a02.webp)
When you have touched the fingerprint scanner on the security key the get the option to give the key a name that is easy for you to remember.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-012_hu10d30d7b8d6b640f01362098935ecae5_9693_9a77dfb95ab3941ff88eb68edbbbbc55.webp)
And now you are ready to use it for logging in on your device with the security key and your fingerprint.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-013_hu4cbd042337e9d42a8f6f4aa2d2a7bad5_15237_89a09a0fc62dca5921cf35feb0dba19c.webp)
When you click on ‘Done’ your will see that it is added to the overview of your authentication methods, see the understanding screen.
![](/post/2020/05/windows10-logon-aad-security-key/images/WindowsHelloSecurityKey-014_hu5d618e6f5923b118c237c1b29573c7be_9368_39c49d539499322dffe00085aed9ac25.webp)
Conclusion
I have a Surface Pro 3 device that has no Windows Hello camera so I use the eWBM Security key with fingerprint daily and are very happy with it, so no Pincode to remember and to type on the keyboard.