Log into an ARM Windows 11 virtual machine using FIDO protocol

0 users found this article helpful

This article describes the issue when upon trying to log into an Azure domain joined ARM Windows 11 virtual machine with a YubiKey token, you might not get a FIDO2 token prompt.


To resolve your issue, follow the instructions below:

1. Start your ARM Windows 11 virtual machine.


2. Press Command + R to open the 'Run' dialog box. Type in CMD and press CTRL + SHIFT + ENTER then (this shortcut will allow you to open CMD as administrator).


3. Execute the following command below:

REG ADD "HKLM\SOFTWARE\policies\Microsoft\FIDO" /v EnableFIDODeviceLogon /t REG_DWORD /d 1 /f 

4. Open Registry Editor: in the search box on the taskbar, type in regedit, then select Registry Editor (Desktop app) from the results.


5. Then follow the path as instructed below: 

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\PasswordLess\Device

6. Find the DevicePasswordLessBuildVersion file and open it.

7. Change the Value data from 2 to 0 and click OK.

8. Start your virtual machine and try to log in again.

Was this article helpful?

Tell us how we can improve it.