Set Up A Passkey On Your Microsoft Or Google Account

techtip

Passkeys let you sign in without a password, dramatically reducing the risk of phishing and credential theft, and most UK business users can set one up on their Microsoft 365 or Google Workspace account in just a few minutes.

What Is A Passkey?

A passkey is a password replacement that uses your device’s built-in security, such as fingerprint, facial recognition, a PIN, or Windows Hello, to authenticate you. Instead of typing a password that could be stolen, guessed or reused, you approve the sign-in securely on your own device.

Both Microsoft and Google now support passkeys for business and personal accounts, and they are widely regarded as a major step forward in phishing-resistant authentication.

Why This Matters For Businesses

Phishing and password spraying remain two of the most common ways attackers gain access to business email and cloud systems. If a password is stolen through a fake login page or reused from another breach, it can be used immediately.

Passkeys change that. There is no password to steal, reuse or type into a fake website. Even if you land on a convincing phishing page, a passkey will not authenticate against it. For individual users, this is one of the simplest and most effective security upgrades available today.

How To Set Up A Passkey On A Microsoft Work Or School Account

  1. Go to https://mysignins.microsoft.com/security-info or open your Microsoft account and navigate to Security info.
  2. Select Add sign-in method.
  3. Choose Passkey from the list of options.
  4. Select Add and follow the on-screen prompts.
  5. Choose where to store the passkey, for example Windows Hello on your PC, or your mobile device.
  6. Complete the verification step if prompted.

Once configured, you can use your fingerprint, face, or device PIN to sign in instead of entering your password.

If you do not see Passkey as an option, your organisation’s IT administrator may need to enable it within Microsoft Entra ID first.

How To Set Up A Passkey On A Google Account

  1. Go to https://myaccount.google.com/security while signed in.
  2. Scroll to the section labelled Passkeys.
  3. Select Create a passkey.
  4. Follow the prompts to store the passkey on your device, such as your phone or laptop.
  5. Confirm using your device unlock method.

Google will then allow you to sign in using your device authentication rather than a traditional password.

A Practical Approach

Start with your most important accounts, especially your business email. You can keep your existing authentication methods during the transition, but moving to passkey-based sign-in removes one of the most common attack routes used against UK businesses.

This is a small change, made in your own account settings, that can significantly reduce phishing risk and strengthen your first line of defence.

Sponsored

Ready to find out more?

Drop us a line today for a free quote!

Click Here
Posted in

Mike Knight