Practice free →
HomeAzure AZ-900cloudcomputingidentitysecurity › Passwordless authentication on Microsoft Entra t…

Passwordless authentication on Microsoft Entra typically replaces the password with which combination of factors?

AJust a username — the platform skips authentication for trusted users
BTwo different passwords, each shorter than 8 characters
CJust an SMS one-time code with no other factor
DA device-bound credential (e.g. Windows Hello, FIDO2 security key, or Authenticator app) plus a biometric or PIN unlock
Answer & Solution
Correct answer: D. A device-bound credential (e.g. Windows Hello, FIDO2 security key, or Authenticator app) plus a biometric or PIN unlock
Passwordless on Entra uses a device-bound credential (asymmetric key in a TPM / FIDO2 key / Authenticator app) unlocked by a local gesture like biometric or PIN. SMS-only is single-factor and phishable; a username alone is no auth; two short passwords is still password-based.
Solve this in the app — Azure AZ-900 practice & 24k+ MCQs →
Related questions