The keys arrived today. Ken started testing the K33 and received the message below when registering with Azure AD. There shouldn’t be any blocks or restrictions. Do you have documentation or someone that might be able to assist?


“We detected that this particular key type has been blocked by your organization. Contact your administrator for more details and try registering a different type of key.”

Reset K33:

We have no blocks in place currently, and both the tool and windows fails to reset the k33 

Reset requires to be done within 10 seconds after powering up, and a user touch is needed.

Aha, that was the issue to reset it. Allthough it appears that it is still getting the blocked message. As you can see there are no key restrictions set in our AAD.




And I’m not crazy and have myself in that group as well which works for all other keys.



We just found solution to the issue. You should disable the ‘Enforce attestation’ in your portal.Azure account. Security-Authentication methods - Authentication method policy (Preview).