System requirements and prerequisites
To set up and use the PingID integration for passwordless Windows login, the following requirements must be met:
System requirements
-
Microsoft Active Directory running on Windows Server 2016 or later.
-
Users' computers must be running Windows 10 (64-bit) or Windows 11, and must support Trusted Platform Module (TPM) 2.0.
If you have set the Resident Key option to Required for FIDO2 security keys, users can perform passwordless login without needing TPM on their computer. However, this only applies to keys paired after this setting is enabled. Learn more about the Resident Key option in (Legacy) Configuring the FIDO2 security key for PingID. As TPM 2.0 provides a greater degree of security, the passwordless login for Windows will always use TPM for storage if the relevant computer has the necessary support.
Prerequisites
-
Admin rights for the Domain Controller
-
A PingOne account.
-
A PingID account.
-
Registered PingID users with a paired mobile device or security key.
-
The Active Directory Group Policy setting Interactive logon: Number of previous logons to cache (in case domain controller is not available) set to 0.