--- title: Policy CSP - Authentication description: Policy CSP - Authentication ms.author: maricia ms.topic: article ms.prod: w10 ms.technology: windows author: nickbrower ms.date: 08/30/2017 --- # Policy CSP - Authentication > [!WARNING] > Some information relates to prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

## Authentication policies **Authentication/AllowEAPCertSSO**

Home	Pro	Business	Enterprise	Education	Mobile	Mobile Enterprise

> [!NOTE] > This policy is only enforced in Windows 10 for desktop and not supported in Windows 10 Mobile.

Allows an EAP cert-based authentication for a single sign on (SSO) to access internal resources. > [!IMPORTANT] > This node must be accessed using the following paths: > > - **./User/Vendor/MSFT/Policy/Config/Authentication/AllowEAPCertSSO** to set the policy. > - **./User/Vendor/MSFT/Policy/Result/Authentication/AllowEAPCertSSO** to get the result.

The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed. **Authentication/AllowFastReconnect**

Home Pro Business Enterprise Education Mobile Mobile Enterprise

check mark

Allows EAP Fast Reconnect from being attempted for EAP Method TLS.

The following list shows the supported values: - 0 – Not allowed. - 1 (default) – Allowed.

Most restricted value is 0. **Authentication/AllowSecondaryAuthenticationDevice**

Home Pro Business Enterprise Education Mobile Mobile Enterprise

check mark ¹ ¹ ¹ ¹ ¹ ¹

Home	Pro	Business	Enterprise	Education	Mobile	Mobile Enterprise
¹	¹		¹	¹	¹	¹

Added in Windows 10, version 1607. Allows secondary authentication devices to work with Windows.

The following list shows the supported values: - 0 – Not allowed. - 1 – Allowed.

The default for this policy must be on for consumer devices (defined as local or Microsoft account connected device) and off for enterprise devices (such as cloud domain-joined, cloud domain-joined in an on-premise only environment, cloud domain-joined in a hybrid environment, and BYOD).

Footnote: - 1 - Added in Windows 10, version 1607. - 2 - Added in Windows 10, version 1703. - 3 - Added in Windows 10, version 1709. ## Authentication policies supported by Windows Holographic for Business - [Authentication/AllowFastReconnect](#authentication-allowfastreconnect) ## Authentication policies supported by IoT Core - [Authentication/AllowFastReconnect](#authentication-allowfastreconnect)