Passkeys on Windows: Authenticate seamlessly with passkey providers

Passkeys on Windows just got easier! As part of Microsoft’s vision for a passwordless future we are working to make passkeys on Windows simple and intuitive. Passkeys are safer and easier to use than passwords, which are vulnerable to phishing and data breaches. That is why, in support of a passwordless future, we partnered in the FIDO alliance with other platforms in supporting passkeys. As part of our cross-industry commitment, we launched new native support for cross-device authentication and an updated experience to help users along the journey from website to platform. Continuing that journey at Authenticate 2024 we are introducing the following, which will be available in our Windows Insider channels in the coming months:

1. A plug-in model for third-party passkey providers
2. Enhanced native UX for passkeys
3. A Microsoft synced passkey provider

First, we’re excited to announce API support for third-party passkey providers to plug into the Windows 11 platform! Microsoft is partnering closely with 1Password, Bitwarden and others on integrating this capability to provide users with seamless third-party passkey provider integration into Windows 11. You will be able to use the same passkey on Windows 11 that you’ve created on your mobile device, and together we can raise the bar on login security with passkeys. To learn more join us at the Windows Security sessions at Authenticate Oct. 14-16!

Next, when creating and using passkeys, Windows 11 now has a redesigned Windows Hello experience. As a user, you can navigate to a website that supports passkeys and get prompted to select how you want to save your passkeys.

Draft UX showing GitHub page open on Edge browser with a pop-up prompting the user to choose how to save their passkeys, protected with Windows Hello, with ‘Save to your Microsoft account’ and ‘Save another way’ as options.

You will be asked to complete a one-time setup with your Microsoft account, and you will be prompted to save a recovery key that will be used to verify your identity and protect your passkeys through end-to-end encryption. You can then seamlessly authenticate using your preferred sign-in method (facial recognition, fingerprint or PIN), and save your passkey with Windows Hello.

Draft UX showing GitHub page open on Edge browser with a Windows Security pop-up and Windows Hello searching for Face ID to authenticate and save the passkey. 

Once you have created a new passkey you can choose to save it with Windows Hello and sync it so that you can also use it on another Windows device! Just login to another Windows 11 device with your Microsoft account, complete a one-time setup, and use your synced passkeys across your Windows 11 PCs. You get a simple, seamless, login experience—all you need to do is authenticate with Windows Hello. Your passkeys are secured by end-to-end encryption and protected with the device’s TPM (Trusted Platform Module).

Microsoft is committed to making passkeys more readily available wherever you need them, with the experience, flexibility and durability that you expect when using Windows. We are excited to have you try out these new features soon!

Join us as we continue paving the way towards a passwordless future with Windows 11.

Explore the new Windows 11 security features

At Microsoft, we truly believe that security is a team sport. By partnering with OEMs, app developers and other partners in the ecosystem, and by helping people be better at protecting themselves—we are continuing to make Windows more secure by design and more secure by default. The Windows Security Book is available to help you learn more about what makes it easy to stay secure with Windows 11.

To learn more about Microsoft Security solutions, visit our website, bookmark the Security blog to keep up with our expert coverage on security matters, and follow us on LinkedIn (Microsoft Security) and X (@MSFTSecurity) for the latest news and updates on cybersecurity.