Hello!

Passkeys are the safest and most convenient possible way to authenticate. We started using them from the beta availability on. Use them with Yubikeys or similar hardware, or with users’ smartphones (requires the PCs to have Bluetooth activated to make this work - a requirement to guarantee that the users’ device is close to the device where authentication takes place, as far as I know).

Regards,

Jean-Philipp.

Hi there,

I am also currently checking the possibility to move on with Passkeys. For mobile devices it is indeed a very convenient and secure way to log in.

For PCs I experience the challenge that MEWS is asking for a Stick - I understand it must be a Yubikey or anything like that. 

Does someone know (since my IT knowledge is very basic) what is required? 1 Stick per PC? 1 Stick per user? Must the stick be removed after login? 

I can check with my our IT support also, but maybe someone tried already.

Thank you & have a great start into the week

Vanessa

Hello!

If you use a security key (must support FIDO, like Yubikeys) it must be 1 per user. It is not required to remove the stick after authentication, but advisable to avoid other users using the key to authenticate (if no pin is associated with the key - notice that when Passkeys are created on security keys on a MacOS computer no PIN is required for some reason)

You can use a smart phone to authenticate on PCs too, but a bluetooth enabled PCs is required - you then scan the QR Code with the mobile phone and the bluetooth connections is used to verify that the user is in fact present/close to the PC.

On windows PCs we have seen a better flow (more user friendly) with security keys than with smart phones.

Kind regards,

JP.