Clatent

Technology | Fitness | Food

Security

EntraFIDOFinder: New Web UI and Over 70 New Authenticators

by Leave a Comment

You read that right, over 70 new authenticators are now approved for Entra Attestation and have been add to the web ui and the PowerShell module! I knew they had to be holding back after these last few updates. Also I’ve updated the web UI and curious of your thoughts. I wanted to make it more modern and easier to view, especially the details window.

Here are a few of the new authenticators, but check the change log for the full list.

Android Authenticator

AAGUID: b93fd961-f2e6-462f-b122-82002247de78

Supported Interfaces:

InterfaceSupported
Biometric
USB
NFC
BLE

ATLKey Authenticator

AAGUID: 019614a3-2703-7e35-a453-285fd06c5d24

Supported Interfaces:

InterfaceSupported
Biometric
USB
NFC
BLE

Dapple Authenticator from Dapple Security Inc.

AAGUID: 6dae43be-af9c-417b-8b9f-1b611168ec60

Supported Interfaces:

InterfaceSupported
Biometric
USB
NFC
BLE

Deepnet SafeKey/Classic (FP)

AAGUID: e41b42a3-60ac-4afb-8757-a98f2d7f6c9f

Supported Interfaces:

InterfaceSupported
Biometric
USB
NFC
BLE

Deepnet SafeKey/Classic (USB)

AAGUID: b9f6b7b6-f929-4189-bca9-dd951240c132

Supported Interfaces:

InterfaceSupported
Biometric
USB
NFC
BLE

ellipticSecure MIRkey USB Authenticator

AAGUID: eb3b131e-59dc-536a-d176-cb7306da10f5

Supported Interfaces:

InterfaceSupported
Biometric
USB
NFC
BLE

Ensurity AUTH BioPro Desktop

AAGUID: 9eb85bb6-9625-4a72-815d-0487830ccab2

Supported Interfaces:

InterfaceSupported
Biometric
USB
NFC
BLE

Ensurity AUTH TouchPro

AAGUID: 50cbf15a-238c-4457-8f16-812c43bf3c49

Supported Interfaces:

InterfaceSupported
Biometric
USB
NFC
BLE

I’ve been working on better ways to see what keys have been added, removed, or modified, as well as approving valid vendors. It’s not perfected yet, but when I get closer, I’ll do a demo of it.

Let me know what you think of the new design and what functionality you wish it had. Also are there any keys you wish were attestation approved for Entra?

Where to get:
PowerShell Gallery: https://www.powershellgallery.com/packages/EntraFIDOFinder/0.0.22
Github: https://github.com/DevClate/EntraFIDOFinder/tree/main
Web UI: https://devclate.github.io/EntraFIDOFinder/Explorer/

Appreciate you taking the time and stay safe out there!

January 19, 2026 Updates to EntraFIDOFinder

by Leave a Comment

It’s been a bit since an update on the PowerShell module EntraFIDOFinder as there haven’t been any new keys and only a few keys have have changed functionality. It is now updated on Github and PowerShell gallery. Are there any features you would like to see on the PowerShell module or the web version? Would love to hear your input!

Updated Keys for V0.0.21

  • Updated ‘USB’ for AAGUID ‘820d89ed-d65a-409e-85cb-f73f0578f82a’ from ‘✅’ to ‘❌’.
  • Updated ‘BLE’ for AAGUID ‘820d89ed-d65a-409e-85cb-f73f0578f82a’ from ‘✅’ to ‘❌’.
  • Updated ‘USB’ for AAGUID ’39a5647e-1853-446c-a1f6-a79bae9f5bc7′ from ‘✅’ to ‘❌’.
  • Updated ‘BLE’ for AAGUID ’39a5647e-1853-446c-a1f6-a79bae9f5bc7′ from ‘✅’ to ‘❌’.
  • Updated ‘USB’ for AAGUID ‘9d3df6ba-282f-11ed-a261-0242ac120002’ from ‘✅’ to ‘❌’.
  • Updated ‘NFC’ for AAGUID ‘9d3df6ba-282f-11ed-a261-0242ac120002’ from ‘❌’ to ‘✅’.
  • Updated ‘USB’ for AAGUID ‘3f59672f-20aa-4afe-b6f4-7e5e916b6d98’ from ‘✅’ to ‘❌’.
  • Updated ‘NFC’ for AAGUID ‘3f59672f-20aa-4afe-b6f4-7e5e916b6d98’ from ‘❌’ to ‘✅’.
  • Updated ‘USB’ for AAGUID ‘d821a7d4-e97c-4cb6-bd82-4237731fd4be’ from ‘❌’ to ‘✅’.
  • Updated ‘USB’ for AAGUID ‘9f77e279-a6e2-4d58-b700-31e5943c6a98’ from ‘❌’ to ‘✅’.

PowerShell Gallery: https://www.powershellgallery.com/packages/EntraFIDOFinder/0.0.21
GitHub: https://github.com/DevClate/EntraFIDOFinder

v0.0.20 EntraFIDOFinder is out

by Leave a Comment

4 New keys have been added and a few changes in capabilities!

New Keys:

  • Hyper FIDO Pro NFC – 23195a52-62d9-40fa-8ee5-23b173f4fb52
  • Hyper FIDO Pro (CTAP2.1, CTAP2.0, U2F) – 6999180d-630c-442d-b8f7-424b90a43fae
  • DEMIA SOLVO Fly 80 R3 FIDO Card c – dda9aa35-aaf1-4d3c-b6db-7902fd7dbbbf
  • IDEMIA SOLVO Fly 80 R3 FIDO Card e – def8ab1a-9f91-44f1-a103-088d8dc7d681

Updated Keys:

  • Updated ‘NFC’ for AAGUID ‘3f59672f-20aa-4afe-b6f4-7e5e916b6d98’ from ‘✅’ to ‘❌’.
  • Updated ‘USB’ for AAGUID ‘b12eac35-586c-4809-a4b1-d81af6c305cf’ from ‘✅’ to ‘❌’.
  • Updated ‘NFC’ for AAGUID ‘b12eac35-586c-4809-a4b1-d81af6c305cf’ from ‘✅’ to ‘❌’.
  • Updated ‘NFC’ for AAGUID ‘9d3df6ba-282f-11ed-a261-0242ac120002’ from ‘✅’ to ‘❌’.
  • Updated ‘USB’ for AAGUID ’39a5647e-1853-446c-a1f6-a79bae9f5bc7′ from ‘❌’ to ‘✅’.
  • Updated ‘BLE’ for AAGUID ’39a5647e-1853-446c-a1f6-a79bae9f5bc7′ from ‘❌’ to ‘✅’.
  • Updated ‘USB’ for AAGUID ‘820d89ed-d65a-409e-85cb-f73f0578f82a’ from ‘❌’ to ‘✅’.
  • Updated ‘BLE’ for AAGUID ‘820d89ed-d65a-409e-85cb-f73f0578f82a’ from ‘❌’ to ‘✅’.

How have your FIDO2 implementations been going? Would love to hear your stories!

PowerShell Gallery: https://www.powershellgallery.com/packages/EntraFIDOFinder/0.0.20
GitHub: https://github.com/DevClate/EntraFIDOFinder

EntraFIDOFinder Update

by Leave a Comment

There haven’t been much changes the past couple months, but finally a biggish update happened where Microsoft has added 10 more keys that are Attestation capable.

Added Attestation capable keys:

  • Chipwon Clife Key | 930b0c03-ef46-4ac4-935c-538dccd1fcdb
  • HID Crescendo 4000 FIDO | aa79f476-ea00-417e-9628-1e8365123922
  • ID-One Key | 82b0a720-127a-4788-b56d-d1d4b2d82eac
  • ID-One Key | f2145e86-211e-4931-b874-e22bba7d01cc
  • VeridiumID Passkey Android SDK | 8d4378b0-725d-4432-b3c2-01fcdaf46286
  • VeridiumID Passkey iOS SDK | 1e906e14-77af-46bc-ae9f-fe6ef18257e4
  • VinCSS FIDO2 Fingerprint | 9012593f-43e4-4461-a97a-d92777b55d74
  • YubiKey 5 Series with NFC – Enhanced PIN | 662ef48a-95e2-4aaa-a6c1-5b9c40375824
  • YubiKey 5 Series with NFC – Enhanced PIN (Enterprise Profile) | b2c1a50b-dad8-4dc7-ba4d-0ce9597904bc
  • YubiKey 5 Series with NFC KVZR57 | 9eb7eabc-9db5-49a1-b6c3-555a802093f4

Are you requiring attestation? How has your implementation of FIDO2 keys been?

Don’t forget about the web version at: https://devclate.github.io/EntraFIDOFinder/Explorer/

Need the module?
– PowerShell: Install-PSResource EntraFIDOFinder
– PowerShell Gallery: https://www.powershellgallery.com/packages/EntraFIDOFinder/0.0.19
– GitHub: https://github.com/DevClate/EntraFIDOFinder

Did you know: SSPR/Password Reset Edition

by Leave a Comment

Did you know if you convert to the combined experience for SSPR and password reset, you can remove less secure phone, email, and text authentication? This is as long as you have Authenticator registered and higher methods allowed. See below for SSPR.

This works for SSPR and for password reset through My Sign-Ins.

The gotcha is if you have 2 methods required for SSPR, it will say your not registered for SSPR even if your enabled for it, but only have 1 method (Microsoft Authenticator) registered. As you can see below.

I would definitely recommend adding more secure options as well but at the minimum I’d use Authenticator or higher.

How do you keep your user protected in this situation?

Hope this quick tip was useful and have a great day!

Why does my 365 Admin Audit Log sometime say it’s disabled, but other times enabled? Am I being compromised?

by Leave a Comment

Let me first start this off with I’m 99% sure you aren’t being compromised, but read on to see what I mean.

I first ran into this when I was running Maester and I saw that it said my test failed for having Unified Audit Log enabled. I then went to my Purview Portal and saw that it was enabled. Next I ran the command:

Get-AdminAuditLogConfig | Format-List UnifiedAuditLogIngestionEnabled

And received this output:

UnifiedAuditLogIngestionEnabled : False

It got me worried, as why is the PowerShell version saying it failed, but the GUI isn’t. Honestly, I usually trust the PowerShell output before the GUI. Then I run the PowerShell command to set it to “True.”

Set-AdminAuditLogConfig -UnifiedAuditLogIngestionEnabled $true

And received this output:

WARNING: The command completed successfully but no settings of 'Admin Audit Log Settings' have been modified.

Are you scratching your head like I was? I thought, maybe it’s because on the portal it shows it’s enabled, it is seeing it there and not changing it. Why not put that in the warning message though?

I did a little research and found Audit Log Enable Disable | MSFT which is where this little gem is located

Important

Be sure to run the previous command in Exchange Online PowerShell. Although the Get-AdminAuditLogConfig cmdlet is also available in Security & Compliance PowerShell, the UnifiedAuditLogIngestionEnabled property is always False, even when auditing is turned on.

And that is when it clicks, I connect to ExchangeOnlineManagement first then IPPSSession which must be causing the issue! I then disconnect with “Disconnect-ExhangeOnline”, and reconnect using “Connect-ExchangeOnline.” Now for the moment of truth:

Get-AdminAuditLogConfig | Format-List UnifiedAuditLogIngestionEnabled

UnifiedAuditLogIngestionEnabled : True

Success! But now the “why does this happen and why haven’t more people reported this?” I asked my buddy Sam Erde, had he seen this before? And he was perplexed as I was. Then he started digging a bit, and saw that you couldn’t use -NoClobber as it is from the same module.

The crazy part is, if you export both versions, they are the exact same code! What could it be? Is it how the IPPSSession connects to the API? If so, why not put a message saying you are connecting with IPPSSession, please disconnect and use connect-exchangeonline?

The mystery still continues, but I know Sam is working on a fix to handle this more consistently and hopefully have a fix shortly!

Have you been burned by this before?

Cliff notes version:

  • You weren’t compromised (unless you see it being changed in the logs and/or you ensure you are checking it correctly)
  • Make sure when checking for AuditLog is enabled through PS that your not using IPPSSession for the command
  • Sam Erde is working on a fix for Maester

Hope this saves you some headaches and have a great day!