Trimble ID Passkeys FAQ

If your Trimble ID account is not federated, you can set up one or more passkeys.

What is a passkey?

Passkeys are encrypted digital keys you create using your fingerprint, facial recognition, or a PIN. They can be saved to your password manager of choice so you can sign in across other devices without using your Trimble ID password.
Note: Passkeys are only available to native (that is, non-federated) Trimble ID users. If you are part of an enterprise federation, the passkeys section doesn't show in the My Profile page.

How many passkeys can one user have?

You can register up to three passkeys.

How do I sign in using my passkey?

From the Trimble ID Sign In page, select Use a passkey. Then, unlock using biometrics or select another registered method using the passkey to complete your sign in.

Can I use a passkey instead of a password to sign in?

Yes.

While your Trimble ID account must have a password associated with it, if you set up a passkey, you can use it instead of entering your Trimble ID credentials.

If you didn't set up a passkey when you first created your Trimble ID, you can set one up in the Manage Passkeys section of your profile.

Can a passkey be used as an MFA method?

Yes.

To manage your MFA settings, go to the MFA section of the My Profile page.
  • If you didn't set up a passkey during initial sign-up, you can create one.
  • If you have an existing passkey, you can enable it as a default or second MFA method.
Note: It is best practice to have at least two MFA methods enabled on your Trimble ID account. If you lose access to an MFA device and do not have a secondary MFA method already set up, contact Support to temporarily disable MFA on your account.

How do I set up a passkey?

Step by step instructions are at Create and Edit Trimble ID Passkeys.

Are all passkey providers supported?

No. For security reasons, Trimble requires passkeys to meet strict FIDO2 compliance and hardware-attestation standards.

If you receive an error stating your passkey provider is not compliant or unrecognized, it likely means your chosen software does not support the mandatory security handshake required to protect your account.

To ensure a successful setup, use one of the following FIDO-certified methods:
  • Device biometrics: the native tools built into your hardware, such as Windows Hello, Apple TouchID/FaceID, or Android Biometrics.
  • Mainstream managers: widely recognized, certified providers such as 1Password, Bitwarden, or iCloud Keychain.
  • Hardware Keys: a physical hardware key, such as YubiKeys.
Important: Avoid using local-only browser extensions or niche password managers that are not listed on the FIDO Certified Products list.