This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(80, 15%, 17%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EHI%3C/text%3E%3C/svg%3E)
We are testing the ability to move to passwordless in my company, and for our test we've enabled "Passwordless Experience" via a Device Configuration Profile in InTune. We also enabled "Web Sign-in" in the same configuration profile. See below.
This effectively removes "Password" from the sign-in options, and adds "Web Sign-in".
The "Web Sign-in" option prompts the user to authenticate using Microsoft Authenticator, which is setup for all employees on company phones (we've been using this for years).
On the ensuing prompts (see below) to authenticate using Microsoft Authenticator, the user is presented with two screens that have the option to "Use your password instead".
Is it possible to not have "Use your password instead" as an option here? It defeats the purpose of going passwordless if the users have this ability at this point.
You will always have a password so Enforce Auth Strength with a CA policy instead and that will force users to use a passwordless/phishless auth method
https://learn.microsoft.com/en-us/entra/identity/authentication/concept-authentication-strengths
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Hiaring, Ian, Thanks for posting in Q&A. Based on my checking, there's no such policy in Intune to remove this option. But I find we can set policy in Microsoft Entra to set passwordless sign-in. maybe you can check if it can help.
You can also contact Microsoft Entra ID support to get more help.
https://learn.microsoft.com/en-us/entra/fundamentals/how-to-get-support
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.