What is good about the technique is that it is based on certificates rather than passwords. Vole, Apple and Google are moving towards passwordless authentication to fend off phishing attacks designed to get around the really annoying multifactor authentication (MFA).
Microsoft Entra product manager Vimala Ranganathan said the preview give mobile device users a login method that supports Federal Information Processing Standards (FIPS) for anti-phishing MFA.
"On mobile, while customers can provision user certificates on their personal mobile device to be used for authentication, this is primarily feasible for managed mobile devices. But this new public preview unlocks support for BYOD. Customers can now provision certificates on a hardware security key which can then be used for authentication with Azure AD on iOS and Android devices."
iOS device users will have to register for the Yubico Authenticator app to copy YubiKey's public certificate into the iOS keychain and then select the YubiKey certificate to sign in and enter the PIN code.