How to Set Up Microsoft Authenticator and Passkeys on Your Device

Introduction

Microsoft Authenticator

When signing into most secure accounts, you’d normally need to enter a password to authenticate. Microsoft uses passkeys and the Microsoft Authenticator, which work together to eliminate the need for passwords. Read more on both below. 

Microsoft Authenticator is a mobile app that securely verifies your identity when signing in to Microsoft’s services. Since 2025, Authenticator has not relied on passwords. Instead, it verifies your sign-ins using: 

  • A push notification you approve on your phone 

  • A one-time code generated in the app 

  • Fingerprint or Face ID 

  • Your phone's PIN 

Authenticator is fast and secure, but it takes a bit of setup to work properly. Below are the steps to setting up Authenticator on your phone.

Microsoft Passkeys

A passkey is a newer technology that replaces passwords. Instead of requiring a password, your computer stores a secure credential that proves it's really you. You can unlock this credential using: 

  • Windows Hello (if your computer has a facial recognition device) 

  • Your fingerprint (if your computer has a fingerprint recognition device) 

  • Your computer's PIN 

Passkeys make signing in faster and more secure, but they require Authenticator to be set up beforehand.

Setting Up Authenticator

  1. Log into your Microsoft Account on a computer with your name and password. 

  2. After signing in, Microsoft will attempt to link to your Authenticator App before doing anything else, as shown below. If this does not occur, you likely already have Authenticator paired with your computer. See Step 6 on how to check this. 

  3. Uploaded Image (Thumbnail)Download Microsoft Authenticator on your mobile device.
  4. Uploaded Image (Thumbnail)

    Open Authenticator and click "Scan a QR code" as shown below.

  5. Uploaded Image (Thumbnail)Scan the QR code that shows up on your device. Uploaded Image (Thumbnail)
  6. You can double check that Authenticator is set up properly by logging into Microsoft on your computer and navigating to My Account > Security Info. If one of your sign-in options is “Microsoft Authenticator” as shown below, you’re good to go. Otherwise, you can click Add Sign-In Method > Microsoft Authenticator and follow the steps above to set it up.  ​​​​​​Uploaded Image (Thumbnail)

 

Making A Passkey

  1. Using your computer, sign into your Microsoft account at https://mysignins.microsoft.com/security-info and navigate to My Account > Security Options > Add Sign-In Method. 

Uploaded Image (Thumbnail)

 

  1. Select Passkey in Microsoft Authenticator. 

Uploaded Image (Thumbnail)

  1. Open the Microsoft Authenticator app on your phone and select your school account (ending in @indstate.edu) 

  1. Select Create a Passkey and follow the sign-in instructions on-screen 

Uploaded Image (Thumbnail)

Still having trouble? Visit here for more info on setting up a passkey. 

Setting Up Windows Hello/Fingerprint/PIN Sign-In

With an Authenticator passkey set up, you can sign in to your Microsoft Account with your Face, Fingerprint, or PIN. You only need one of these credentials to sign in, but to set up more, follow the steps below. * 

  1. Navigate to your computer’s settings, then find Accounts > Ways to Sign In. 

Uploaded Image (Thumbnail)

  1. Choose the sign-in method you prefer and follow the instructions on-screen to set it up on your system. 

*You can only use Windows Hello if you have facial recognition hardware on your computer. Similarly, you can only use Fingerprint recognition if you have a fingerprint scanner. 

Additional Information

Aspect 

Microsoft Authenticator 

Passkeys 

What it is 

A mobile app that provides multiple ways to authenticate outside of passwords 

A phishing‑resistant authentication credential that keeps up with web authentication standards 

What it does 

Sends push notifications, generates time-sensitive codes, and securely stores credentials 

Replaces passwords entirely with a cryptographic key pair tied to a device and user 

Password Dependency 

Passwordless by design; no password is created, stored, or transmitted 

Often used in addition to a password (for MFA), though it can also support passwordless sign‑in in Microsoft accounts 

 

Dependency on the other 

Acts as a container for passkeys, but does not depend on them 

Does not necessarily require Authenticator to create/store passkeys, but Authenticator is the easiest option to do so 

Security Level 

High; adds a second factor beyond passwords, still relies on passwords unless combined with passkeys 

Very high; phishing-resistant, can’t be guessed or reused on fake sites 

Authentication method 

Push notification approval, one‑time passcodes, or passwordless sign‑in approval 

Biometric (face/fingerprint) or device PIN unlocks a private key to sign in 

Setup 

Install app on mobile device, link to account via QR code 

Requires device with biometric/PIN and Microsoft Authenticator app; register a passkey for each account 

Additional Links

More on Microsoft Authenticator: support.microsoft.com/en-us/account-billing/about-microsoft-authenticator-9783c865-0308-42fb-a519-8cf666fe0acc

More on Passkeys: www.microsoft.com/en-us/security/business/security-101/what-is-passkey?msockid=05d1ad4387eb6f212b67bb87867f6e3d

Microsoft's doc on signing in with passkeys: support.microsoft.com/en-us/account-billing/signing-in-with-a-passkey-09a49a86-ca47-406c-8acc-ed0e3c852c6d

Print Article