Passkeys on an Android device

An easy way to create a passkey on an Android device is with a browser on a PC or laptop. It is also possible to create the passkey directly on the smartphone.

Please note: Some browsers require an operating system interface for passkeys. This is why Firefox under Linux, for example, currently only supports USB security keys and not passkeys on other devices. If your browser does not display the appropriate dialogs, please use a different browser.

Start the creation of a passkey at https://my.scc.kit.edu/token under "New token" in the "Passkey" tab. The following or a similar looking dialog will appear in your browser.

Click on "Use another phone..." to outsource the process to another device. If you carry out the creation directly on an Android smartphone, this and the next dialog will not appear.

Scan the displayed QR code with your smartphone. The most secure way to do this is with the "Google Authenticator" app at the bottom right of the plus symbol under "Scan QR code". Some smartphones also work with the camera app supplied, but not all.

The next steps are then carried out on the mobile device. Start at this point if you have called up token management directly on the smartphone.

Confirm the two dialogs on your smartphone. If you do not confirm the "Skip QR code" dialog, the passkey will still be created. However, you must scan the displayed QR code when logging in.

You should then be able to use the passkey to log in and as a second factor.

Managing the passkey in Android

You can find the passkeys you have created so far under "Settings" -> "Google" or "Google services" under "Password manager".

If this tile is not located here, you can select "Autofill with Google" under "Autofill & Passwords" via the "All services" button. There you will find the item "Google Password Manager" or "Password Manager".

Android 14 and newer

As of Android 14, smartphone owners can select the password manager. Older Android versions automatically use the Google password manager. Unfortunately, we currently have no experience with other password managers. Therefore, the SCC can currently only support the Google password manager. The Google password manager can be activated under "Settings" -> "Google" -> "All services" -> "Autofill with Google".

In tests, newer Samsung smartphones did not work optimally with the Samsung password manager. The passkey created could only be used as a second factor. In this case, the currently known workaround is to use the Google password manager.