What Changes for You

Your organization may be rolling out passkeys, or you may have noticed consumer apps offering them. Either way, here’s what changes for you.

The short version

Instead of typing a password and then approving a push notification or entering a code, you’ll sign in using your fingerprint, face, or a PIN - the same way you unlock your phone or computer. It’s faster and more secure.

Before vs after

With a password: Enter username → type password → wait for SMS or push → approve on phone → signed in (15-30 seconds)

With a passkey: Enter username → verify with fingerprint, face, or PIN → signed in (3-5 seconds)

That’s the whole change. One step instead of three.

What you’ll need to do

1. Set up your passkey - a one-time process that takes about 2 minutes. You’ll go to a website, choose your method, and follow the prompts.
   • Microsoft Authenticator on your phone
   • A hardware security key
   • Windows Hello on your PC
   • A syncable passkey in your platform’s credential manager (iCloud Keychain, Google Password Manager, or a third-party password vault). This one leaves the end-user path - see Device-Bound vs Syncable Passkeys for the trade-offs.

2. Sign in with your passkey - from that point on, sign-in uses your fingerprint, face, or PIN instead of a password

3. That’s it - your daily workflow stays the same, sign-in just gets faster

What stays the same

• You’ll still go to the same websites and apps
• Your email, files, and everything else works exactly the same
• Your username doesn’t change
• You can still use multiple devices, with some caveats - see Device-Bound vs Syncable Passkeys for when a passkey follows you across devices and when it doesn’t

What you don’t need to worry about

• You don’t need to remember a new password - there is no password with a passkey
• Your fingerprint/face data stays on your device - it’s never sent to Microsoft or application owner. It only unlocks the passkey locally.
• Your biometric data stays safe - the application knows that you registered a passkey, but not what fingerprint or face you used

Common questions

Do I still need my password? During the transition, your password may still work as a backup. Eventually, your password may phase out entirely. You’ll be informed before this happens.

What if my fingerprint reader doesn’t work? You can use a PIN as a fallback. The PIN is set up during passkey registration.

Can I have multiple passkeys? Yes. You can register a passkey on your phone and on your computer, or on multiple security keys. Having more than one is actually recommended - if you lose one, you still have the other.

What if I lose my phone or key? Contact support. They’ll verify your identity and give you a temporary way to sign in so you can set up a new passkey. See What to Do If You Lose Your Device for the full process.