Skip to content

Set up a passkey

You can set up a passkey as a second method of authentication after you've set up an authenticator app.

Note

We recommend using passkey authentication and registering passkeys on more than one device for resiliency.

Set up a passkey with Windows

In this example, we'll show you how to set up a passkey with a fingerprint using Windows. If you're setting up a passkey on a different operating system, see General information about setting up a passkey.

To set up a passkey, do as follows:

  1. Sign in to Sophos Central with your username, password, and authentication method.

  2. Click your Profile icon Profile icon., then go to My info.

  3. Click Manage MFA.

    Note

    You can also go to Sophos ID, click My Profile, then click Manage MFA.

    For more information, see Manage authentication methods.

  4. Authenticate to continue.

  5. On the Multi-Factor Authentication screen, click the plus icon on the right-hand side.

    Manage registered MFA methods.

  6. Under Set up MFA method, select Passkey.

    Set up passkey.

  7. Scan your finger on your fingerprint reader.

    Scan your fingerprint.

    You'll see the Passkey Saved screen.

    Passkey saved.

  8. Click OK.

    You'll see your passkey added to your registered authentication methods.

  9. Click Continue.

    You're redirected to the Sophos Central dashboard.

When you've added your passkey, the next time you sign in, you can use your username (email address) and your passkey.

Note

Even if you've set up an authenticator app in addition to your passkey, you're prompted to use your passkey. To use your authenticator app instead, click Try another way from the Use your passkey to confirm it's really you prompt during the sign-in process.

General information about setting up a passkey

When you set up a passkey, you'll need to follow the on-screen prompts to set up a passkey on your device.

These steps differ depending on your device.

At some point, you'll need the PIN or biometric you use to unlock your device to continue the setup.

Depending on your device, you can select to store the passkey in one of the following places:

  • In a credential manager on your local computer. This could be a web browser, an operating system, or a commercial credential manager application.
  • On a device-bound authenticator, such as a YubiKey.
  • On a mobile device, using a QR code.