Vonage Business Cloud AU Support

Vonage Business Communications Support

Enter a search topic
Vonage Support
Expand All | Collapse All

Passkeys: Use and Setup (Coming Soon!)

Updated: 5/30/2026 9:26 AM

Passkeys are a modern password replacement designed for a faster, more secure sign-in experience.

  • Uses Fast Identity Online (FIDO) standards that employ your device’s biometrics (fingerprint/face) or a local PIN to verify your identity, effectively eliminating phishing and credential theft.
  • Ensures higher compliance with industry security frameworks while providing a seamless, one-touch sign-in process.

Passkeys are fully FIDO2-certified and meet high-level security standards, including SOC and HIPAA, by replacing vulnerable passwords with a hardware-backed cryptographic credential.

Why Use Passkeys?

Passkeys are recommended because they bypass traditional authentication methods that expose users to phishing, credential stuffing, and brute-force attacks, such as:

  • Password Spraying: Simple, predictable passwords are easily guessed by attackers, which enables them to use these common combinations across millions of accounts.
  • Credential Stuffing: The use of the same password across different sites means a data breach at one company enables those attackers to 'stuff' those stolen credentials into other services for unauthorized access. 
  • Phishing: Because traditional sign-ins do not verify a site's legitimacy, attackers can easily trick users by hosting malicious forms that look identical to real sign-in pages. 

Although Two-Factor Authentication (2FA) adds a layer of defense, attackers can still bypass SMS codes or push notifications via 'SIM swapping' and '2FA fatigue' attacks. Passkeys effectively neutralize these threats. 

Types of Passkeys

The primary types are Passkey - Platform Authenticator, Passkey Cross-Platform Authenticator, and Security Keys, as briefly described in the following table. Click on a Type / Link for more details. 

Type / LinkUseLocal StorageSynced Across Multiple Devices
Passkey - Platform AuthenticatorsUses built-in technology on the same device or all synced devices.Stored in the device's hardware security chip (example: TPM on Windows).
  • Windows: Synced via Microsoft Account. 
  • Android/Chrome: Synced via Google Password Manager. 
  • Apple/Safari: Synced via iCloud Keychain
Passkey Cross-Platform AuthenticatorUses your phone (Android / iOS) for external authentication.Stored locally on the mobile device.
  • Android: Synced across your other Android devices via Google Password Manager. 
  • Apple: Synced across your other Apple devices via iCloud Keychain
Security KeysUses external devices (example: YubiKeys) connected via USB, NFC, or Bluetooth. Stored solely on the portable hardware device.Not synced to the cloud; must be physically present with the device being used.
Passkey Platform Authenticators (Built-in Biometrics)

These passkeys are built into your hardware and automatically sync across your trusted devices, provided they remain within the same brand ecosystem (e.g., Apple to Apple, or Google to Google).

ProsCons
  • User-friendly
  • No external device needed
  • Available (and synced) to devices within the same brand ecosystem
  • May not work outside of the ecosystem
  • No hardware backup if the device is lost
Windows Desktop (Microsoft Ecosystem)
  • Operating System: Windows 10 or 11.
  • Authenticator: Uses Windows Hello, which includes facial recognition (requires an IR camera), fingerprint sensors, or a secure PIN. Users must configure this before using passkeys with Vonage.
  • Storage and Sync: Passkeys are stored locally on the device and can be synced across Windows devices if the user is logged into a Microsoft Account.

    NOTES:
    • Facial recognition requires IR camera. Verify if your machine has a camera that supports facial recognition, usually indicated with 3 dots next to the camera.
    • Not all devices include a built-in fingerprint sensor. You should review your specific device's specifications to confirm support. A missing 'Set up' button for fingerprint recognition usually indicates that the device lacks a built-in sensor.
    • Some options may not be available because they are managed by the network administrator.
Android and Google Ecosystem
Mobile (Android)
  • Authenticator: Uses built-in biometrics, Android Fingerprint, or Face Unlock.
  • Setup: In the Chrome Browser, the "Automatically create a passkey to log in faster" option must be enabled.
  • Storage and Sync: Passkeys are synced across all your Android and Google devices via Google Password Manager.
Desktop (Chrome)Authenticator: You can use the Google Password Manager directly within the Chrome browser on your computer to create and use passkeys.
iOS and Apple Ecosystem
Mobile (iPhone/iPad)
  • Authenticator: Uses native Apple biometrics such as Face ID or Fingerprint.
  • Storage and Sync: Passkeys are stored locally and synced across Apple ecosystem devices via iCloud Keychain.
  • Requirement: You must be logged into your Apple Account and have iCloud Keychain enabled.
Desktop (Mac)
  • Authenticator: Uses built-in Mac biometrics (Touch ID) or the device password.
  • Browser Support: Primarily utilized through Safari on macOS Ventura or later.
  • Storage and Sync: Just like mobile, these are managed and synced through iCloud Keychain.
Passkey Cross-Platform Authenticator

Lets you log in on one device using a passkey stored on another device (like your phone).

ProsCons
  • User Friendly
  • Enables you to authenticate from a device that does not have a passkey

Requires two (2) devices to be nearby.

  1. Open the sign-in page for the Vonage Admin Portal, Desktop App, or Mobile App on your device.
  2. Select the passkey option for the cross-platform authenticator, such as your phone. A QR code is displayed. 
  3. Open your phone and scan the QR code.
  4. Confirm selection with your Face ID, fingerprint, or PIN. 

    On approval, you are signed in automatically on the original device you use to access your Vonage service. 
Security Keys
ProsCons
  • Allows for high-level security customer policies
  • Portable across devices and platforms
  • Additional cost
  • Users must carry device
  • Can be lost or damaged
  • Devices: Verification uses external hardware, such as YubiKeys, that connect via USB, NFC, or Bluetooth.
  • Storage: Passkeys are stored directly on the physical hardware device rather than in the cloud.
  • Synchronization: These keys do not sync to the cloud, so the physical device must be present with you to complete a login.
Set Up a Passkey
  1. Start the sign-in process for the Vonage Admin Portal, Desktop App, or Mobile App.
  2. Enter your username, password, and validate with two-factor authentication (2FA).
  3. Select Create a passkey.

    NOTE: Passkey setup is currently optional, and you can choose I’ll do this later. If you choose this option, you are not prompted again for seven (7) days or the next 10 sign-in attempts, whichever occurs first.
    screenshot 

  4. Follow prompts for the passkey options presented to you. These options presented depend on your device type, browser, browser features enabled, and the security features set up by your Network Administrators.

    In the following example, the user is set up with Windows Hello.

    screenshot 

  5. Click Continue to use the secure Windows Hello option, which is a PIN and Fingerprint recognition in the following example.

    NOTE: If you click Change, the system offers more options, which include cross-platform or hardware security keys.
    screenshot 

    Once the passkey is created, you are redirected to the Vonage platform. Going forward, you will be prompted to sign in with your Passkey, and 2FA (SMS) becomes your backup method. 
Sign In with a Passkey
  1. Start the sign-in process for the Vonage Admin Portal, Desktop App, or Mobile App.
  2. Enter your email or username, then select Continue.

    screenshot 
  3. If you have previously registered with a Passkey, you will be redirected by default to the Passkey page:

    screenshot 
  4. Select Log in with passkey; then follow the on-screen instructions to complete the sign-in process.

    screenshot 
    In this example, the user is redirected to Windows Hello Passkey. The option displayed depends on your device type, browser, browser features enabled, and the security features set up by your Network Administrators. 
  5. Validate your Passkey; you will be redirected to the Vonage application.
View and Manage Passkeys

Passkeys can be viewed and managed in the Admin Portal, Desktop App, and Mobile App.

Admin Portal
(Super Users / Certain Administrators)
  1. Select Phone System, then Users.
  2. Select the appropriate user.
  3. Click on the Security tab.

    All passkeys registered will be presented. Depending on the user’s role, the Remove passkeys button will be enabled to remove a passkey.
Desktop App (All users)
  1. Click on your Avatar/initials (top left).
  2. Click Settings.
  3. Click on the Security tab.

    All passkeys registered will be presented. All users will be able to remove their own password through this desktop Security profile.
Mobile App (All users)
  1. Tap your Avatar/initials (top left).
  2. Tap Settings.
  3. Tap Security.

    A new section, Passkeys, will become available.
Troubleshoot Issues

The following describes and provides solutions for authentication and registration error messages you may encounter with Passkeys.

NOTE: If you select "I'll do it later" when prompted to set up a Passkey, this prompt is not displayed again until after you have successfully signed in 10 times or 7 days have elapsed since you chose to skip. 

Authentication Error Messages - Errors on attempts to sign in with a Passkey
Error & DescriptionCause/Solution
Passkey Unavailable- Passkey login is temporarily unavailable. You can try again or sign in with your password instead.The API responsible for authentication is not available. This could be due to a temporary outage. Also, this error appears if someone has manipulated the URL.
Passkey Not Found or Canceled- No passkey was detected for this device, or the operation was canceled. Log in with your password and two-factor authentication (2FA) to proceed. After you are verified, you can set up a new passkey.

User attempted to log in from a device or browser that does not have a passkey paired with the application. Also, this message is displayed if the user clicks cancel at any time during the authentication process. 

The user can retry and potentially select another passkey on the device to attempt to authenticate, or log in using a password and 2FA. When the user logs in with a password and 2FA, they are optionally prompted to register an additional passkey on their device.

Passkey Request Timed Out- You did not respond to the passkey prompt in time. Please try again.User did not interact with the passkey prompt for an extended period (usually 60+ seconds)
Passkey is not found on this device- No Passkey is set up for this device. To create one, log in with your password and 2FA. After verification, you can set up a passkey for this device. You can also choose to sign in with your password for now.No credentials found; an attempt was made to use an object that is not or is no longer usable
We could not verify you- We were unable to verify your biometric input. Try again or use another method to log in.The biometric input could not be verified.
Registration Error Messages - Errors on attempts to register a Passkey
Error & DescriptionCause/Solution
Passkey Unavailable- We could not complete the passkey setup right now. You can try again or set it up later.The API responsible for authentication is not available. This could be due to a temporary outage. Also, this error appears if someone has manipulated the URL.
Passkey Set Up Canceled- Your passkey setup was canceled. Retry or continue with your password.

User attempted to register on the device or in a browser, but clicked cancel at any point during the authentication process. 

The user can retry and potentially select another passkey on the device to attempt authentication, or click Set it up later, which logs the user into the application.

Passkey Request Timed Out- You did not respond to the passkey prompt in time. Try again or set it up later.User doesn't interact with the passkey prompt for an extended period (usually 60+ seconds).
Passkey already registered for this device- The passkey already exists for this device. You cannot register the same device twice.The user is attempting to register passkeys for the same device, which already exists
Failed to register the device for passkey- We were unable to activate this device for passkeys. You can also choose to log in with your password for now.Any failure when calling the API to activate the 2FA device.
Passkey Limit Reached- You have reached the maximum number of passkeys. Use your password or remove an existing passkey to add a new one.There is a limit of five passkeys per user. This error message displays to users who attempt to configure a sixth passkey.
Both Authentication and Registration Messages - Errors on authentication or registration of a Passkey
Error & Description Cause/Solution
Session Expired- Your session has expired; restart to continue.User leaves login flow pages idle for too long (typically 5-15 minutes).
The URL was modified, corrupted, or is from a different session
Also covers unknown edge cases, new error types, or errors from future API changes
Passkeys Not Supported- Your browser or device does not support passkeys. You can continue with your password or use a different deviceUsing a browser/device without WebAuthn support, or an authenticator that does not support the required algorithms.
Verification couldn’t be completedAuthenticator hardware issue, firmware problem, or unhandled error condition.
No compatible device found- We could not find a compatible device for this action. Connect a supported device or use another login method.No compatible authenticator connected/available, or the user declined to use their authenticator.
Verification failed- We could not verify your identity. Use another sign-in method to access your account.The passkey assertion (signature) failed verification. Could indicate credential mismatch or tampering. May occur with corrupted credentials or server-side issues.

 

Did this article answer your question?