Passkey

identity

A FIDO2 credential that can be synced across devices, enabling passwordless authentication without hardware tokens.

What is Passkey?

Passkeys are the consumer-friendly evolution of FIDO2. While traditional FIDO2 credentials are bound to a specific hardware device, passkeys can be synced through cloud services (like iCloud Keychain or Google Password Manager), making them more convenient while maintaining phishing resistance. Device-bound passkeys remain tied to specific hardware for higher assurance scenarios.

In Microsoft 365

Microsoft 365 supports both synced passkeys and device-bound passkeys. Users can register passkeys stored in platform authenticators (Windows Hello, iPhone, Android) or in password managers that support the FIDO2 standard.

Examples

1iCloud Keychain passkey
2Google Password Manager passkey
31Password passkey
4Windows Hello passkey

Related TrueConfig Controls

These controls help implement and verify passkey in your Microsoft 365 environment.

PA-05Require Phishing-Resistant MFA for Admins ID-04Require Phishing-Resistant MFA for All Users

Frequently Asked Questions

What is Passkey?▼

A FIDO2 credential that can be synced across devices, enabling passwordless authentication without hardware tokens.

How does Passkey work in Microsoft 365?▼

What are examples of Passkey?▼

Examples of Passkey include: iCloud Keychain passkey, Google Password Manager passkey, 1Password passkey, Windows Hello passkey.

Which TrueConfig controls relate to Passkey?▼

TrueConfig controls related to Passkey include: PA-05, ID-04. These controls help implement and verify passkey in your environment.

Related Terms

FIDO2

An open authentication standard that enables passwordless authentication using public key cryptography.

Passwordless Authentication

Authentication methods that verify identity without requiring traditional passwords.

← Back to Glossary Browse Controls →