Passkey (Device-Bound) Credentials

Passkeys (device-bound) supported by your organization may be used as a credential for authentication.

A passkey is a type of passwordless digital credential that is used as an authentication method. From a technical standpoint, passkeys are FIDO-based credentials that are discoverable by browsers or housed within native applications, or security keys for passwordless authentication.

Passkeys that are synced between a user's devices via a cloud service are generally referred to as "synced passkeys", while ones that never leave a single device are referred to as "device-bound passkeys".

On the Passkey (device-bound) page, you can add a new device or change your device.

To enroll a Passkey (synced) credential, use the DigitalPersona web-based enrollment as described in Passkey (Synced) Credential.

Note:  

  • Beginning with DigitalPersona version 3.4, passkeys are supported via the FIDO2 protocol.

  • FIDO UTF is no longer supported, and any previously enrolled passkeys need to be re-enrolled with DigitalPersona 3.4 or later.

  • Changing or resetting the PIN associated with a passkey is not done in your DigitalPersona software, but through your Microsoft Account. Under Manage, select Microsoft Security Key (their name for passkeys).

Enroll a Passkey (Device-Bound) Credential

  1. In the DigitalPersona Console, select Credential Manager, and click ADD on the Passkey (device-bound) tile to display the Passkey (device-bound) page.

  2. Insert a passkey into an available USB port and click Enroll.

  3. Depending on the type of passkey being used, activate it through one of the following actions.

    • Tap the sensor on the device.

    • Press a button on the device.

    • Remove and reinsert the device.

    • Tap the Touch or Tap the message window.

    • Enter the Passkey PIN.

Upon successful enrollment, CHANGE is added to the passkey credential icon.

Change the Passkey (Device-Bound) Currently Used as a Credential

  1. In the DigitalPersona Console, select Credential Manager, and click CHANGE on the Passkey (device-bound) tile to display the Passkey (device-bound) page.

  2. Select Re-Enroll.

  3. Tap, press the button on, or re-insert your passkey.

Upon successful enrollment, the Credential Manager page redisplays.

Delete the Passkey (Device-Bound) Credential

  1. In the DigitalPersona Console, select Credential Manager, and click CHANGE on the Passkey (device-bound) tile to display the Passkey (device-bound) page.

  2. In the upper right, click Delete Credential.

  3. In the confirmation dialog, click Delete.