# Setup passkeys as MFA method for password less sign in
To register and use passkeys your IT provider has to enable and configure the option for your environment.
This guide is intended for end users and is not intended as a guide for setting up passkeys for IT administrators. Read this guide carefully and follow the steps exactly as documented if you want to get rid of your Microsoft account password and increase security. ### What is password less & phishing-resistant MFA **Passwordless MFA** eliminates the need for traditional passwords by using methods like biometrics (e.g., fingerprints) or hardware tokens. This approach enhances security and user convenience. **Phishing-resistant MFA** adds an extra layer of protection by ensuring that authentication methods are resistant to phishing attacks. It often involves using hardware tokens or biometric verification, making it much harder for attackers to impersonate users. Both methods can be combined in Microsoft Account products. Your administrator can configure so called passkeys to achieve both passwordless & phishing-resistant MFA with one solution. This guide walks you through the setup process of passkeys using Android or IOS devices and your Microsoft work or school account. ### Prerequisites - Managed Windows or MacOS device and mobile phone with Microsoft Authenticator installed. - Requires at least Android version 14 or iOS version 17. - Eighter your MFA method should be configured or a Temporary Access Pass (TAP) should have been sent to you by your IT provider (You can request a TAP from your IT contact person or order one for a specific time frame). ### Setup process The setup process consists of two steps. We need a Browser where we are already signed in using our Microsoft Account and also a mobile phone. So keep the devices ready and follow the guide based on your user account state and OS preference.**Existing user account** | **New user account** |
Open your work browser and sign in to [https://mysignins.microsoft.com ](https://mysignins.microsoft.com)and go to "Security info". | Sign in for the first time using the provided information. Most likely mail address, temporary access pass (TAP) and/or password. [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-09/zKuimage.png) |
**Android** | **IOS** |
Open settings app and choose "General management": [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-09/tOXimage.png) | Open settings app and choose "General": [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-09/WlYimage.png) |
Go to "Passwords, passkeys, and autofill": [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-09/G9zimage.png) | Head to "Autofill & Passwords": [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-09/O4limage.png) |
Make sure that the "preferred service" is Authenticator. Otherwise you can click on this switch area and select "Authenticator": [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-09/0c0image.png) [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-09/N74image.png) | Change "Set up Codes in" to Authenticator. Make sure that you have "Authenticator" on top enabled as well: [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-09/KYHimage.png) |
On [https://mysignins.microsoft.com](https://mysignins.microsoft.com) switch to "security info" tab and click "add sign-in method" to add new authentication method. | [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-10/rjVimage.png) | ||
Then select "Passkey in Microsoft Authenticator" and click "Add". | [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-10/ZIIimage.png) | ||
Then you have to select the OS of your mobile phone. | [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-10/image.png) | ||
Click through the dialog and make sure that you have the password manager set correctly (guide above) and Bluetooth is turned on on both devices (computer and mobile phone).Then you will get a pop up. Select "iPhone, iPad, or Android device". | [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-10/qemimage.png) | ||
Switch to your mobile phone and click scan the QR code that appears on the Computer. | [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-10/onMimage.png) | ||
Finally you have to save the passkey to your mobile phone and finish the process. | Select "Save/Create a passkey" and follow the wizzard.
|
[](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-10/CWsimage.png) | [](https://docs.lucanoahcaprez.ch/uploads/images/gallery/2024-10/uxUimage.png) |