# WebAuthn security keys Currently, only security keys that can be configured as **passkeys** are supported. **Passkeys** are a modern replacement for traditional passwords, based on WebAuthn and FIDO2 standards. They enable passwordless authentication by verifying both possession of a device and an additional user verification step (such as biometrics, PIN entry, or a user gesture). For a security key to be supported, it must be able to correctly set the **User Verification (UV)** flag during the WebAuthn authentication flow. The UV flag indicates that the key has confirmed that the user is physically present and actively authenticating. Some older or limited-functionality security keys do not support the necessary mechanisms (such as built-in biometrics or PIN prompts) to perform user verification. As a result, they **cannot set the UV flag** and are **not supported** for passkey use. {% hint style="danger" %} Attempting to register an **unsupported** security key will result in an **error** during **registration** process. {% endhint %} #### Examples of Unsupported Security Keys * **YubiKey 4 Series** (e.g., YubiKey 4 Nano, YubiKey 4C) * **YubiKey NEO** * **Older FIDO U2F-only keys** without FIDO2/WebAuthn support #### Requirements for Supported Keys * Must support **passkey** registration and authentication (WebAuthn + FIDO2). * Must be capable of **user verification** (e.g., PIN entry, biometrics, or touch gestures). --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.defguard.net/support-1/troubleshooting/webauthn-security-keys.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.