Passkeys

Passkeys represent a modern approach to authentication, offering enhanced security and convenience by eliminating the need for traditional passwords. Unlike passwords, which can be guessed or stolen, passkeys are cryptographic keys stored on your device, making them more secure and user-friendly. Passkeys can include biometrics like fingerprints or facial recognition, which provide an extra layer of security and convenience. A list of passkey supported websites, apps, and services can be found here.

The Workspace browser extension serves as the bridge for adding and managing passkeys within the Devolutions Server and Devolutions Hub Personal data sources.

1. Install the Workspace browser extension.

2. Configure the extension to connect with Devolutions Server and Devolutions Hub Personal.

3. Create a Passkey.

4. The Workspace browser extension Add Passkey window open.

5. Select the app where you want to save the passkey (Devolutions Server or Devolutions Hub Personal).

6. Choose a Name, a Folder, and select the vault in which you will be storing the passkey.

7. Click Save to save the passkey.

When accessing a service, Workspace browser extension will automatically use the stored passkey entry for authentication. Passkey entries cannot be edited except for their title.

Here is how to configure a passkey profile in Microsoft Entra ID that will allow you to use Workspace browser extension as a passkey provider:

1. In the Azure portal, head to Authentication methods | Policies – Passkey (FIDO2).

2. Click the Configure tab, and then Add profile (preview).

3. Enter a Name for the passkey profile, set the Target types to Synced (preview), enable Target specific AAGUIDs, and set the Behavior to Allow.

4. Add DE503f9c-21a4-4f76b4b7-558eb55c6f89 as the Model/Provider AAGUIDs. Click Save.

• Blog - Decoding passkeys: The key to a passwordless world