When setting up Passwordless security key sign-in Windows and attempting to sign-in to the first machine you have setup (although it could be any machine!) you may encounter the error:

Your credentials couldn’t be verified. (code: 0x000006d, 0x0)

This error message appears even though you can sign-in with the key to AzureAD and other web services.

The cause is likely to be the account you are testing with is a member of the Domain Admins (or a similar) privileged security group, I keep bumping into this one but can’t find the source article where I first read this. If I manage to find the article I’ll post a link!

UPDATE 31/01/2024: It appears there is a way to overcome this issue with a modification of Active Directory objects described at: https://learn.microsoft.com/en-us/entra/identity/authentication/howto-authentication-passwordless-faqs#fido2-security-key-sign-in-isnt-working-for-my-domain-admin-or-other-high-privilege-accounts-why

VN:F [1.9.22_1171]
Thumbs up if this article helped you 🙂
Rating: +3 (from 3 votes)
FIDO2 Security Key Sign-In to Windows - Your credentials couldn't be verified., 100% based on 3 ratings

Leave a Reply

Your email address will not be published. Required fields are marked *