Enable usage of FIDO devices to sign on

This policy allows users to use a FIDO device, such as a phone, NFC card, to sign on to a desktop computer running Windows 10.

If you enable this policy setting, users can sign on to Windows using a FIDO device.

If you disable or do not configure this policy, users cannot use a FIDO device to sign on.


Supported on: At least Windows 10 Server, Windows 10 or Windows 10 RT
Registry HiveHKEY_LOCAL_MACHINE
Registry PathSOFTWARE\Policies\Microsoft\FIDO
Value NameAllowExternalDeviceSignon
Value TypeREG_DWORD
Enabled Value1
Disabled Value0

fidoauth.admx

Administrative Templates (Computers)

Administrative Templates (Users)