The DigiCert PKI platform now supports certificate-based authentication at scale for WHfB, enabling passwordless authentication on hybrid Azure AD-joined devices for organizations within the same platform where they manage certificates for their other private certificate use cases. WHfB is a passwordless authentication solution from Microsoft to verify sign-in/login, using strong multi-factor authentication on PCs and mobile devices, and biometric or PIN identity credentials.
Passwordless authentication is a growing trend as companies seek to improve security at the point of access, while simplifying the user sign-in experience. This need is becoming more pronounced as companies adopt zero-trust network access security models, which require authentication for each access point. With passwordless authentication, end users no longer need to create or remember passwords and instead employ more secure methods for verifying identity, such as passwordless logins, PIN identity credentials and biometric authentication.
“As our customers increasingly adopt zero-trust network access security models that require verification of each access request, certificate-based access security with automated workflows is becoming more critical for protecting against attacks,” said Brian Trzupek, Senior Vice President of Product at DigiCert. “DigiCert plays a leading role in enterprise PKI management, supporting more than 30 certificate types in its solutions. As the first publicly trusted CA to support WHfB integration with its managed enterprise PKI platform, DigiCert provides automated workflows and centralized certificate lifecycle management for identity and access verification.”
DigiCert PKI platform’s automated support for the WHfB certificate trust model on Azure AD hybrid deployments simplifies identity and access management across large enterprises with hundreds of thousands of workers and connection points. DigiCert support for WHfB:
- Simplifies WHfB certificate administration with pre-configured certificate templates and corresponding enrollment methods.
- Accelerates on-boarding with automated workflows and zero-touch provisioning of client-authenticated certificates required by WHfB to Windows domain-joined workstations and for domain controllers.
- Delivers the convenience of managing WHfB digital certificates with the same platform used for managing other enterprise use-cases.
WHfB certificate-based automation will be available this month on the DigiCert PKI Platform with additional platform support coming in Q1 2022.