Use your Android as a security key to log in to Windows

  • Requirements and configuration of the Android integrated key and passkeys
  • Windows login with Bluetooth and QR verification
  • Troubleshooting and managing keys and devices
  • Microsoft (Windows Hello) and Phone Link support
Isaac

11 minutes

Android as a security key in Windows

Turning your Android phone into a security key to log into a Windows computer is possible and very useful.: Your phone acts as physical proof that you are near the computer and that it is really you trying to access it. This system adds a layer of defense against password theft and phishing attacks. when you log in to services from your PC.

The idea is simple: When you try to log in to your account from Windows, Your Android phone communicates via Bluetooth with the device and confirms that you are nearby.; if you approve the request on the phone, access is granted. This verification works with Google accounts and fits seamlessly with the passkey ecosystem and Windows Hello for Microsoft accounts..

What it means to use your Android as a security key in Windows

Using your Android as a security key is not the same as logging in without a password directly to Windows.; what it does is reinforce access to accounts and services that you access from your PC, especially the Google account, using your mobile phone as a physical device thanks to Bluetooth. So, even if someone knows your password, You won't be able to get in without having your phone nearby..

Google uses a Bluetooth verification between the device you are logging into and the phone's built-in security key.This proximity certifies that both you and your phone are next to the Windows device, preventing remote startups by third parties. The final confirmation comes in the form of a notification on your Android.

Compatibility is wide: You can use your phone as a security key when signing in to Windows computers (as well as macOS, iOS, and ChromeOS), as long as you use supported browsers and meet the requirements that you'll see below. Please note that, in the specific case of Google accounts, This integrated key is designed for your ecosystem and may ask you to confirm by double-tapping the notification..

Essential prerequisites

To configure and use the security key integrated into Android, you need to meet certain minimum requirements. affecting both the phone and the Windows PC.

  • Android phone: Android 7.0 or higher, with Bluetooth enabled y with the account you want to protect logged inIn some cases, location settings must be active for Bluetooth to work properly.
  • PC with Windows: Windows 10 or Windows 11, Bluetooth enabled and a compatible browser. For the built-in Google Key, Chrome offers the best experience, although there is also passkey compatibility with Chrome, Edge, Firefox and Safari in their modern versions.
  • Browsers compatible with passkeys: Chrome 109+, Edge 109+, Safari 16+, and Firefox 122+ help you take advantage of Passkeys and the passwordless sign-in experience.

Important note for Windows 10If the system indicates that Bluetooth is not enabled even though it is, go to Settings > Privacy > Radio signals and turn on “Allow apps to monitor device radio signals.” This option allows the verification process to properly use your device’s Bluetooth.

One last key nuance: in your Google account there can only be a integrated security key for each phone at a time. If you have multiple compatible phones, you'll need to choose one (you can always change it later).

Set up your Android as a security key on Google

How to regain access to your Google account

Google tries to automatically enable the built-in key if your phone meets the requirements., but it is advisable to activate it manually to ensure that it is registered.

  1. Turn on two-step verification (2SV) on your Google account y choose a second verification stepIf you're already using 2SV, continue with the next step.
  2. On your Android, go to myaccount.google.com/security.
  3. Under “How do I sign in to Google?”, tap Access keys and security keysYou may need to log in again.
  4. At the bottom left, tap add security key.
  5. Select your android phone and confirm with AddYou'll see a confirmation message when your phone has been registered as a key.

Remember- Even if you log out, that built-in key remains associated with your device. If you change your phone, return to this section to replace it with the new one.

Sign in from Windows with your phone's built-in key

When you access your Google account from a Windows PC, the flow is very convenient if you have already set up the integrated security key.

  1. Check that Bluetooth is on on the computer and on the Android mobile.
  2. Sign in to the Google site or service on your PC by entering your email address.
  3. Look at your phone: you should receive one notification of attempted access.
  4. Tap twice the “Are you trying to log in?” notification to open the approval.
  5. Follow the instructions on your Android and confirm that it's you to complete the start.

If you prefer not to use the key at that time (or if you don't receive the notification), you can press “Cancel” and choose try another way to access with another 2SV method available in your account.

Troubleshoot common problems

If something goes wrong during setup or login, these settings usually resolve most issues.

  • Bring the devices closerBluetooth verification requires proximity between your phone and PC. Place them side by side and try again.
  • Activate Bluetooth on both: Check the settings on your phone and in Windows to confirm that Bluetooth is turned on.
  • Turn on location on Android: Some phones require location services to be enabled for Bluetooth to operate reliably during verification.
  • Check requirementsFor Windows, you need a Bluetooth-enabled device and a modern browser; for iPhone or iPad, there are also specific requirements if you use passkeys or QR code cross-logins.

Windows 10 message “Turn on Bluetooth to allow pairing” Even if you already have it on: Open Settings > Privacy > Radio Signals and turn on “Allow apps to monitor device radio signals.” Then, try restarting your device again.

If you can't use the key, log in with your username and password, press Cancel > Try another way and choose another verification method you've set up. Complete the login process, and once logged in, check the security section to restore use of your mobile key.

Passkeys: What they are and how they fit into Windows

Access keys are the natural evolution of passwords: allow you to log in with your fingerprint, face or PIN from your device, and demonstrate possession of the equipment without exposing codes that can be intercepted. In practice, simplify access and increase protection against phishing.

Why they are more secure than passwords: Passkeys are linked to your devices and cannot be “signed” or handed out by mistake. By using them, you prove that you have the mobile phone or computer and that you can unlock it with a local factor. (biometrics or PIN).

Requirements for creating passwords on Google and use them on Windows: a PC with Windows 10 (or later), an Android 9+ mobile o iOS 16 +, or a FIDO2 security key. At the browser level, use Chrome 109+, Edge 109+, Safari 16+ or Firefox 122+. Also, enable the screen lock and, if you are going to use a mobile phone to log in to another computer, Bluetooth.

Note for older FIDO2 keys: If you added a hardware key to your Google Account before May 2023, You may need to remove and re-add it to create a passkey on that same key..

Set up, use, and manage passkeys in your Google account

Creating a passkey on your own device is straightforward. y will make it easy for you to log in without a password wherever compatible.

  1. Go to https://myaccount.google.com/signinoptions/passkeys.
  2. Balance Create access key and then Continue. Unlock your device when prompted.

To create a passkey on a FIDO2 USB security key: enters the same page, choose Use another device and follow the instructions. You must insert the key and enter its PIN or touch its fingerprint reader.

What happens nextAfter creating your first passkey, the next time you log in on a supported device, you'll be prompted to create another local passkey. It's recommended not to do this on shared computers to maintain security.

How to use your passkey to log in on Google from Windows: Open the login page, enter your username, and if you already have a passkey created on that PC, the system will ask you to verify your identity using the device's method (fingerprint, face, or PIN). Just follow the on-screen instructions.

Log in to your account with your mobile passkey (Android or iOS) is possible using a QR code: enter your username on the page, click on try another way > Use your access keyScan the QR code with your phone's camera or Google Lens (on Android devices that don't have it natively) and approve it on your phone. Next time, verification will be automatic via notification.

Startup preferences- When you create your first passkey, Google enables a mode that prioritizes "no password." If you prefer to always start with a password, go to Security & sign-in and disable it. Skip password when possible.

Consultations and management: On the Passkeys page, you can view, delete, or disable your registered keys. If your Android automatically creates keys, several keys may appear associated with your phone.

If you lose a device with a passkeyIt's recommended to log into your account from another computer and delete the linked key. If you're still prompted for it, check if it was saved in a credential manager and delete it there as well.

Final tips of recommendationsIn incognito mode, you may not be able to create or use passkeys, depending on your browser. Keep your system and browser updated. If you choose "Try another way" too often, Google will reduce the passkey offering, and you can undo this in your settings.

Notes on AndroidIf you log out on an Android device, you can log back in with the passkey for up to 6 hours; after that, you'll need another method, and when you log in, Android will generate a new passkey to replace the old one. There's no specific time limit on other systems.

Google Workspace accounts: They also allow you to create passkeys, although the administrator can restrict logins using only a passkey. To do this, you can see if you have it enabled under the "Skip password when possible" option. In many cases, passkeys function as a second factor for recovery and sensitive operations.

Use passkeys with your Microsoft account and Windows Hello

Passkeys are also compatible with Microsoft accounts. (personal, professional or educational), and in Windows 10/11 you can use Windows Hello (face, fingerprint or PIN) as a convenient and secure method to access with passkey.

Create a password for your work or school account from the same device where you want to use it:

  1. Sign in https://mysignins.microsoft.com/security-info and log in.
  2. Choose Add login method.
  3. Choose Passcode o Passkey in Microsoft Authenticator.
  4. Follow the instructions on the device to complete the process.

Use the passkey To sign in to your Microsoft account when prompted: select Login Options, choose face, fingerprint, PIN or security key and confirm in the window that will open on the device.

Delete a passkey in Microsoft: Access the security page, select Delete on the corresponding key and remove it from the device if necessary.

CompatibilityMicrosoft supports passkeys on Windows 10+ and macOS Ventura+, ChromeOS 109+, iOS 16+ (requires the Authenticator app), and Android 9+. It also supports FIDO2 security keys for added compatibility.

Phone Link: Linking Android and Windows isn't a key, but it helps

phone link

The Phone Link app does not function as a security key in itself., but it improves the continuity between PC and mobile. It allows you to view notifications, reply to messages, manage photos, use mobile apps, and make calls from Windows 10/11.

  • Basic Requirements for Mobile Link: Windows 10 (May 2019 Update) or Windows 11, Android 8.0+ (Android 10+ recommended), and both devices on the same Wi-Fi network. On iPhone, requires BLE and iOS 15+.
  • How to link from the PC: Open Mobile Link on Windows, sign in with your Microsoft account, on mobile download or open Link to Windows (www.aka.ms/yourpc), sign in, scan the QR code and grant permissions.
  • Permissions on Android- Starting with Android 13, you'll need to enable runtime notification permissions for the app to function properly. Check Settings > Apps > Link to Windows > Notifications to enable these permissions.
  • Feature Management: From Settings in Mobile Link, you can enable or disable notifications, calls, photos, audio playback, copy/paste, etc. On Samsung, the “All file access” permission controls access to photos.
  • Problems with “Do Not Disturb” on Android 15If that doesn't work, check in Settings > Do Not Disturb to make sure Link to Windows is enabled and that no other app is controlling focus mode.
  • Unpair and pair again: If there are any errors, delete the Bluetooth pairing (forget device), reset Bluetooth, and perform the pairing process again on both sides.

Adopting Android's built-in security key and passkeys for your startup across the platform can make accessing services from Windows faster, more secure, and without relying on fragile code, with clear controls for recovering access in the event of an unforeseen event.