Passkey Rollout 

During the rollout of Passkeys across Lab divisions, IT is hosting office hours. If you have any questions or require support in setting up your passkey, please join one of the sessions below.

Tuesdays

Thursdays

For support outside office hours, submit a support request by emailing [email protected] or contacting the IT Help Desk support chat at https://go.lbl.gov/itchat

star New Features & Announcements star  

     star Passkey-only Yubikeys now available for purchase

     star Passkeys Lab-Wide Rollout Launch Starts in Operations

     star New authentication options when using passkeys


We highly encourage you to save a passkey in at least one password manager as they are a Cybersecurity best practice to securely store your passwords and passkeys.

1Password or LastPass are Lab-supported password managers which you download and use for free across your devices (desktop, laptop and smartphones).

Operating systems and platforms provide their own proprietary, default password managers such as Apple Passwords, Google Password Manager and Samsung Pass.


Once you’ve created your first passkey, you can manage your passkeys and view information about their last usage by visiting 

The Passkey Management page also allows you to create additional passkeys for your other devices. Visit  from that device.


The IT Division at Berkeley Lab is implementing passkey adoption across the Lab to enhance digital security.

Passkeys are a more secure and user-friendly alternative to traditional multi-factor authentication (MFA) codes, which can be vulnerable to phishing attacks.

Passkeys provide some advantages over traditional MFA methods:

  • Reduce the risk of credential theft by removing the need for one-time MFA codes.
  • Streamline login by using advanced authentication methods like Face ID, Touch ID, and QR codes.
  • Eliminate the risk of private keys being compromised.
  • Sync across devices for user convenience.

     Click here to Know More about Passkeys 


It is strongly advised that you register multiple passkeys on different devices, such as your mobile device, a security key, a password manager and your computer to ensure you can log in even if you lose access to your primary passkey.

Once you’ve created your first passkey using a mobile device or security key, you can visit the Passkey Management page to add additional passkeys. For more information, see the section below titled Managing Passkeys.

Before setting up your passkeys, watch these videos to get an idea of what to expect during the creation process. After creating your first passkey on your mobile device or security key, remember to create another one in your browser, password manager or another device.


The use of passkeys will gradually be rolled out to Lab areas and divisions over the coming months. Once your division joins the passkey program, the next time you attempt to log in to a Lab service, you’ll be guided through the process of creating a new passkey. The process is as follows (using LETS as an example):



From your browser you visit lets.lbl.gov

You will be asked for your Lab credentials...
... and your MFA OTP

You'll now create your passkey, guided by your device, browser, or operating system.

You will need either your mobile device or a security key, such as a Yubikey.

Refer to the section below (Examples of the Passkey Creation Process) for examples based on your operating system and browser configuration.


You’re all set! The next time you visit a website that requires authentication with your Lab credentials, you’ll be prompted to provide your username, password, and passkey.

No more OTP token.


Your experience when creating a Passkey will vary depending on the operating system, browser, or device you’re using. Below, you’ll find links to examples and screenshots illustrating how the experience might differ based on these factors.

If you are using a Mac computer:

If you are using a Windows computer:

If you are using an Android phone:

If you are using an iPhone

Across devices using a Password Manager

  • Passkeys stored in Apple Passwords are available on modern iOS and macOS devices that you are signed into your Apple ID  
  • Passkeys stored in Google Password Manager are available in Google Chrome and Android devices that you are signed into your Google account
  • Third-party password managers 1Password and LastPass


Once you’ve created your first passkey, you can manage your passkeys and access information about their last usage by visiting

The Passkey Management page also allows you to create additional passkeys for your other devices.

To create a passkey for a specific device, visit from that device.


If you are unable to access your Lab account, you can Fallback to One-Time Password (OTP)

If falling back to your One-Time Password (OTP) does not work, then contact the IT Help Desk at https://go.lbl.gov/itchat








  • No labels