What are passkeys and why they matter

What are passkeys?

Passkeys are the future of signing in—simple, secure, and stress-free.

No typing, no guessing, no “forgot password” drama. With passkeys, you don't need to create and remember passwords. Instead of typing a password, you use your phone or device to confirm it’s really you, using your face or a fingerprint.

Why do passkeys matter?

Passkeys are incredibly easy to use and intuitive, eliminating the need for complicated password creation processes and the hassle of remembering them.

Also, passkeys are unique to each website or application, so you don't have to worry about someone using your passkey to access other services. And unlike passwords, passkeys are resistant to phishing attempts, making them a much more secure option.

Best of all, you can use your passkey across all your devices, so you never have to worry about forgetting your password again!

If the website or app you're using supports passkeys, you can sign in:

On your computer, using Windows Hello with PIN, fingerprint, or face.
On your phone, using Face ID, fingerprint, or your usual unlock PIN.
Across all your devices. If you save a passkey to a synced credential manager (such as Microsoft Password Manager), your passkeys sync through your cloud account allowing you to sign in using a different device.

To get started, add a passkey to your Microsoft personal or work/school account, or accept the "Create a passkey?" pop-up you may see whenever you sign in to any other website that offers it.

Tip: Watch this short video to better understand the benefits of passkeys, and how they provide a faster, safer, and easier experience compared to passwords.

Your browser does not support video. Install Microsoft Silverlight, Adobe Flash Player, or Internet Explorer 9.

When should you start using passkeys?

As soon as possible!

Add a passkey to your Microsoft personal or work/school account today, and if a website offers you to store a passkey on your phone or computer next time you sign in, accept it!

Tips:

Save your passkeys to a synced credential manager (such as Microsoft Password Manager) whenever possible. That way, your passkeys are synced and available on all your devices.
If you want to save your passkey on your device, create passkeys on your other devices too (e.g., phone, tablet, laptop) to act as a digital spare key.

Frequently asked questions about passkeys

Yes, you can use passkeys across multiple devices. Synced passkeys allow you to use your passkey anywhere the provider is. You can use Microsoft Password Manager or a third-party provider to save and use passkeys created on other devices.

In addition, you can use cross device authentication: a passkey might be stored on one device, and you can use it for sign-in on another device through a QR code that is generated on the device where you want to sign in. During this process, a proximity check takes place to ensure that the passkey is only being used for authentication on a device that's nearby. With this technology, you can rest assured that your passkey can't be used by a remote attacker to gain access from far away.

Tips:

Save your passkeys to a synced credential manager whenever possible. That way, your passkeys are synced and available on all your devices.
If you want to save your passkey locally on your device, create passkeys on your other devices too (e.g., phone, tablet, laptop) to act as a digital spare key.
If you sign in with a work or school account, your organization may limit which options you can use.

Yes, passkeys are designed to replace passwords. You can think of passkeys as the evolution of passwords: instead of remembering (or writing down!) your complex passwords, a passkey is linked to your device (for example, your computer or your phone).

When you want to sign in to a website or application, your device acts like a magic key. No need to type anything, just confirm sign-in using your Face ID, fingerprint or PIN on your device, and it works! Passkeys are like digital keys that make signing in easier and safer.

Important: Biometric data stays on your device and is never shared with Microsoft.

A passkey is made up of two parts: one stays locked on your phone or computer, and the other sits with the website or app.

Instead of sending a password over the Internet, your device generates a pair of keys: a private key and a public key.

The private key is stored securely on your device
The public key is registered with the website or application

When you want to sign in to the website or application, your device has to prove that it has the private key. After you unlock your private key, your device digitally signs a challenge from the website or application. The website or application verifies the signature using the public key and grants you access.

Yes, passkeys are considered a form of multi-factor authentication. When you use a passkey, you must use a device that stores the passkey (something you have) and unlock it with biographic information or a PIN (something you are, or something you know).

Here are some possible reasons:

To take advantage of the latest passkey features, you must use Windows 11. To verify which version of Windows your device is running, open the Settings app > System > About or use the following shortcut:About Windows
You might have to update your Windows device. To check that your device is up to date, open the Settings app > Update & Security > Windows Update and check the update status and available updates.Check for updates
If your device is registered or managed by your organization (work or school), some passkeys options are unavailable. To check if your device is registered in your organization, open the Settings app > Accounts > Access work or school and verify if your device is connected.Check work or school

Yes, passkeys are phishing resistant. When they are created, passkeys are associated with the specific domain that the website or app are registered with.

For example, a passkey created for netflix.com can only be used with netflix.com. While you may be tricked into landing on a similar looking website, your device won't present your passkey to the malicious website.

Note: You can only create a passkey for your work/school account if supported by your organization. Contact your organization's IT Admin for more details.

Supported devices

Windows 10 and newer.
macOS Ventura and newer.
ChromeOS 109 and newer.
iOS 16 and newer. Passkeys in Microsoft Authenticator require iOS 17 and newer.
Android 9 and newer. Passkeys in Microsoft Authenticator require Android 14 and newer.
Hardware security keys that support the FIDO2 protocol.

Supported browsers

Microsoft Edge 109 or newer. Microsoft Password Manager is only available in Edge v142 and newer.
Safari 16 or newer.
Chrome 109 or newer.

Device-bound means that the passkey is stored only on the specific device where it was created and it does not sync to other devices or the cloud.

Note: You can only sign in from that device (or with a backup passkey). If you lose the device, you lose the passkey unless you have another recovery method.

A synced passkey is saved in a credential manager or cloud service, such as Microsoft Password Manager. Synced passkeys can synchronize between your devices via a cloud service.

Notes:

You can log in from multiple devices without creating new passkeys.
If you sign in with a work or school account, your organization may limit which options you can use.

Microsoft Password Manager is Microsoft's password and passkey management solution.

You can create, view, and edit passwords and passkeys, run password security checks, and access other password and passkey autofill options.

Note: Microsoft Password Manager is rolling out, and is only available in Edge v142 and newer, when using a personal profile.

Pop-up graphic promoting how you can sign in faster using your face, fingerprint or PIN.

If you see this screen when signing in to your Microsoft account, select Next in the on-screen prompt to be guided through creating and saving a passkey for your Microsoft account to your device or a password manager.

Learn more about how to create and save a passkey.

Whether you have positive feedback or concerns about passkeys, we welcome your input. You can submit feedback to Microsoft by opening the Feedback Hub app , and use the category Security and Privacy > Passkey , or use the following shortcut:

Feedback