# Passkey guide

### Minimum requirements for using a smartphone as a Passkey

{% hint style="info" %}
Here are the minimum requirements for using a smartphone as a Passkey on Android and iOS:

#### Android

1. **Operating System:** Android 9.0 or later.
2. **Google Play Services:** Version 19.2.75 or later, which provides support for Passkeys.
3. **Biometric Authentication:** The device should support biometric methods (fingerprint, face recognition) or PIN code for secure authentication.

#### iOS

1. **Operating System:** iOS 15 or later.
2. **Devices:** iPhone or iPad with Face ID or Touch ID support.
3. **iCloud Keychain:** iCloud Keychain must be enabled to sync Passkeys across devices.
   {% endhint %}

### About the Passkey

{% hint style="success" %}
Based on FIDO standards, **passkeys** are a replacement for passwords that provide faster, easier, and more secure sign-ins to websites and apps across a user’s devices. Unlike passwords, passkeys are always strong and phishing-resistant.​

Passkeys simplify account registration for apps and websites, are easy to use, work across most of a user’s devices, and even work on other devices within physical proximity.​

**Passkey may include:**

* Biometric authentication using Android devices;
* Touch ID / Face ID using iOS devices;
* Windows Hello;
* External security keys (like [**Hideez Key**](https://hideez.com/products/hideez-key-4) or YubiKey).
  {% endhint %}

### Seting Passkey on the Hideez Server

#### 1. Sign in to your Hideez server using the Hideez account

<figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/NRCZl1ds20Y4v9OAchZA/image.png" alt="" width="375"><figcaption></figcaption></figure>

### **To Create Passkeys for Admin account:**

* To create a passkey, go to the **Profile** page, then the  **FIDO2 Authenticators** section, and click **Add FIDO2 Authenticator**.

<div><figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/hfccsaLoI7ESORI5IjhL/Screenshot_6%20(1).jpg" alt=""><figcaption></figcaption></figure> <figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/Vuza45MuLwOo5tRtk7DJ/Screenshot_1%20(1).jpg" alt=""><figcaption></figcaption></figure></div>

### **To Create Passkeys for User Accounts:**

<figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/rCWvKDDE0TrrSmstwq5V/image.png" alt="" width="563"><figcaption></figcaption></figure>

* Following the on-screen steps, add a FIDO2 Authenticator, choosing between a **Cross-Platform key** (another device, like a phone or tablet) or **Platform key** (current device).

#### &#x20;Adding a [**Cross-Platform key:**](https://enterprise.hideez.com/use-cases/passkey/sso-login-to-web-services-fido2-via-passkey-and-hideez-server-as-identity-provider)

<div><figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/BFc1qv3kXAHqZAmFFhxE/Screenshot_14.jpg" alt="" width="466"><figcaption></figcaption></figure> <figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/zzAdOb9Ct0QXhuSBSHuj/Screenshot_26.jpg" alt="" width="425"><figcaption></figcaption></figure> <figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/wEXwE23FPql91iPPxpQY/Screenshot_27.jpg" alt="" width="422"><figcaption></figcaption></figure></div>

#### Adding a [**Platform key**](https://enterprise.hideez.com/hideez-enterprise-server/administration/platform-authentication-on-the-hes-server)

<div><figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/ouMIczCty0i6qgfmbrMK/Screenshot_15.jpg" alt="" width="467"><figcaption></figcaption></figure> <figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/IF4WKxSK1i5dNg6KzA7L/Screenshot_16.jpg" alt=""><figcaption></figcaption></figure> <figure><img src="https://content.gitbook.com/content/RdTysrljwe610dPFG7tE/blobs/P4sVwmY9OAh4fyeVoo8z/Screenshot_18.jpg" alt=""><figcaption></figcaption></figure></div>

{% hint style="info" %}
Note: Multiple devices can be added simultaneously.

&#x20;A **biometric sensor** or **Trusted Platform Module** **(TPM)** module must be present.
{% endhint %}