Passkeys frequently asked questions (FAQ)

Yes, passkeys are designed to replace passwords. You can think of passkeys as the evolution of passwords: instead of remembering (or writing down!) your complex passwords, a passkey is linked to your device (for example, your computer or your phone).

When you want to sign in to a website or application, your device acts like a magic key. No need to type anything, just use your device, and it works! Passkeys are like digital keys that make signing in easier and safer.

Instead of sending a password over the Internet, your device generates a pair of keys: a private key and a public key.

• The private key is stored securely on your device

• The public key is registered with the website or application

When you want to sign to the website or application, your device has to prove that it has the private key. After you unlock your private key, your device digitally signs a challenge from the website or application. The website or application verifies the signature using the public key and grants you access.

Yes, passkeys are considered a form of multi-factor authentication. When you use a passkey, you must use a device that stores the passkey (something you have) and unlock it with biographic information or a PIN (something you are, or something you know).

Yes, passkeys are phishing resistant. When they are created, passkeys are associated with the specific domain that the website or app are registered with. A passkey created for netflix.com can only be used with netflix.com. While a user can be tricked into landing on a similar looking website, they can't present their passkey to the malicious website. Their device won't allow it.

Yes, you can use passkeys across multiple devices. Synced passkeys allow you to use your passkey anywhere the provider is. On Windows you can use Microsoft Password Manager or a third-party provider to save and use passkeys created on other devices.  

In addition, you can use cross device authentication: a passkey might be stored on one device, and you can use it for sign-in on another device through a QR code that is generated on the device where you want to sign in. During this process, a proximity check takes place to ensure that the passkey is only being used for authentication on a device that's nearby. With this technology, you can rest assured that your passkey can't be used by a remote attacker to gain access from far away. 

Microsoft Password Manager is Microsoft's password and passkey management solution.

You can create, view, and edit passwords and passkeys, run password security checks, and access other password and passkey autofill options.

Learn how to view or edit your passwords in Microsoft Edge.

Here are some possible reasons:

1. To take advantage of the latest passkey features, you must use Windows 11. To verify which version of Windows your device is running, open the Settings app Glyph Library: fluent Glyph Name: SettingsApp > System > About or use the following shortcut:

   About Windows

2. You might have to update your Windows device. To check that your device is up to date, open the Settings app > Update & Security > Windows Update and check the update status and available updates.

   Check for updates

1. If your device is registered or managed by your organization (work or school), some passkeys options are unavailable. To check if your device is registered in your organization, open the Settings app > Accounts > Access work or school and verify if your device is connected.

   Check work or school

Whether you have positive feedback or concerns about passkeys, we welcome your input. You can submit feedback to Microsoft by opening the Feedback Hub app , and use the category Security and Privacy > Passkey , or use the following shortcut:

Feedback