This article describes the issue when upon trying to log into an Azure domain joined ARM Windows 11 virtual machine with a YubiKey token, you might not get a FIDO2 token prompt.
Resolution
To resolve your issue, follow the instructions below:
1. Start your ARM Windows 11 virtual machine.
2. Press Command + R to open the 'Run' dialog box. Type in CMD and press CTRL + SHIFT + ENTER then (this shortcut will allow you to open CMD as administrator).
3. Execute the following command below:
REG ADD "HKLM\SOFTWARE\policies\Microsoft\FIDO" /v EnableFIDODeviceLogon /t REG_DWORD /d 1 /f
4. Open Registry Editor: in the search box on the taskbar, type in regedit, then select Registry Editor (Desktop app) from the results.
5. Then follow the path as instructed below:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device
6. Find the DevicePasswordLessBuildVersion file and open it.
7. Change the Value data from 2 to 0 and click OK.
8. Start your virtual machine and try to log in again.
Was this article helpful?
Tell us how we can improve it.