You Made a Passkey on Your iPhone. Here Is How to Use It on Windows and Android
Made a passkey on your iPhone but can't find it on Windows or Android? The three ways to use passkeys across platforms, plus the recovery step to set up first.
You set up a passkey on your iPhone, felt good about finally ditching a password, then sat down at a Windows PC or picked up an Android phone and the passkey was nowhere to be found. That moment of "wait, where did it go?" is the single most common point of confusion about passkeys, and it is not your mistake. It is a side effect of how passkeys are stored.
The short version: your passkey did not disappear, and you are not locked out. It lives with whichever provider created it, and there are three different ways to reach it from another platform. Which one you want depends on whether you need it once in a while or every single day.
What A Passkey Actually Is
A passkey is not floating on the internet the way a password effectively is once you know it. It is a cryptographic key held by a passkey provider, and most people's first passkey is held by Apple's iCloud Keychain. iCloud Keychain syncs across your Apple devices, but it does not natively push your passkey into Windows or Android. So to use that iPhone passkey elsewhere, you pick one of these:
- Once in a while: use the QR-code "sign in with your phone" flow, where the other device borrows your iPhone for a single login.
- Every day, across platforms: store your passkeys in a cross-platform manager (1Password, Bitwarden, Dashlane, and others) instead of a single ecosystem.
- Switching or avoiding lock-in: use the new portability standard that is rolling out in 2026 to move passkeys between providers.
The rest of this explains each, plus the recovery step most guides skip. If you only do one thing, do that last part.
Why This Is Confusing In The First Place
Passkeys come in two flavors, and the difference is the whole story. The FIDO Alliance, which defines the standard, distinguishes synced passkeys, which a provider replicates across your devices through an end-to-end encrypted cloud, from device-bound passkeys, which never leave the single device they were made on.
When you created a passkey on your iPhone, you almost certainly made a synced one, saved into iCloud Keychain. Apple's own documentation is explicit that those passkeys sync across your devices through iCloud Keychain, which is end-to-end encrypted with keys Apple does not hold. The catch is in the word "your devices." iCloud Keychain syncs Apple to Apple. Google Password Manager syncs across devices signed into your Google account. Windows has its own passkey handling. Each provider keeps its own house, and by default they do not hand credentials to each other.
So nothing broke. Your passkey is sitting safely in one provider's vault, and the question is simply how another platform borrows or shares it. That framing matters, because each of the three paths below is really just a different answer to "how does device B get to a key held by provider A."
Path 1: The QR Code Sign-In, For Occasional Logins
This is the one to reach for when you are on a Windows PC or an Android device you do not own or do not use often, and you just need to get into one account right now.
FIDO calls it cross-device authentication. In practice: on the Windows or Android sign-in screen you choose to use a passkey from another device, a QR code appears, you scan it with your iPhone camera, and your phone approves the login. Under the hood it uses Bluetooth to confirm the two devices are physically near each other, which is what stops someone from phishing the QR code from across the world.
The important detail, and the part people misread, is that no copy of the passkey is moved to the other device. Your iPhone authorizes a single sign-in ceremony and that is it. The next time you sit at that same Windows PC, you scan again. That is a feature, not a bug, for a shared or borrowed machine, you do not want to leave credentials behind. But if it is your own daily PC, scanning a QR code every login gets old fast, which is exactly what Path 2 fixes.
Path 2: Put Your Passkeys In A Cross-Platform Vault
If you genuinely live across ecosystems, an iPhone in your pocket and a Windows laptop on your desk, or an Android phone and a MacBook, the better move is to stop relying on any single ecosystem's keychain and use a passkey provider that spans all of them.
Third-party password managers are now full passkey providers, not just password lockers. The FIDO standard explicitly lists them alongside operating systems as valid providers. A manager like Bitwarden or 1Password creates and stores your passkeys in its own end-to-end encrypted vault and syncs that vault to every platform it runs on, so the same passkey is available on Windows, macOS, Android, and iOS. Crucially, Windows 11 added support for third-party passkey providers, so the manager can plug directly into the system sign-in prompt rather than fighting it.
The trade is that you are choosing where your passkeys live deliberately, rather than letting each device default to its built-in keychain. For someone who already uses a password manager, this is the smoothest daily experience by a wide margin: create a passkey once, use it everywhere, no QR dance. For someone who does not, it means adopting and trusting one more app, which is a real decision, not a free one. There are no affiliate angles here; pick whichever reputable manager you would already trust with your passwords.
Path 3: Move Passkeys Between Providers, The 2026 Way
Until recently there was a genuine gap: if your passkeys were stuck in iCloud Keychain and you wanted them in a cross-platform manager, there was no safe way to move them. Exporting credentials historically meant dumping them into a plain-text file, which is exactly the kind of thing you do not want sensitive keys sitting in.
That is the problem the FIDO Alliance's Credential Exchange specifications are built to solve. There are two parts: a Credential Exchange Format that defines how the data is structured, and a Credential Exchange Protocol that encrypts the transfer end-to-end so credentials are never exposed in transit. The point is portability without the plain-text risk, letting you move passkeys from, say, iCloud Keychain into 1Password, or Google Password Manager into Bitwarden, without re-registering at every site.
Set expectations on timing, though. This is an emerging standard reaching maturity through 2026, with the format finalized ahead of the protocol and platforms enabling export before import. Apple's iOS and macOS were among the first to ship credential transfer based on it. So treat Path 3 as the direction the whole ecosystem is moving rather than a button that is already everywhere. Because of that, if you do try a transfer, confirm both the source and destination apps actually support the import side first, and do not delete the originals until you have verified the move succeeded, otherwise you can strand credentials mid-migration. If you are choosing a setup today, the practical reason it matters is that it removes the old fear of lock-in, you are no longer permanently married to wherever your first passkey happened to land.
So Which One Do You Actually Need
| Your situation | Best path | Why |
|---|---|---|
| Signing in once on a borrowed or rarely used PC | QR code sign-in | No credential left behind on a machine you don't control |
| Daily work across iPhone + Windows (or Android + Mac) | Cross-platform manager | Same passkey everywhere, no per-login QR scan |
| Leaving an ecosystem or avoiding lock-in | Credential Exchange portability | Moves keys securely instead of stranding them |
| All Apple, all the time | Do nothing (revisit if that changes) | iCloud Keychain already syncs it for you |
The common mistake is assuming you must pick one path forever. You don't. Most people end up using the QR flow occasionally for odd machines and a cross-platform manager for daily life, and that combination is completely reasonable.
Do Not Skip Recovery
Here is the part that matters more than any of the above, and the part most walkthroughs rush past: a passkey is only as recoverable as the provider account holding it. If all your passkeys live in iCloud Keychain and you lose access to your Apple Account, or they live in one password manager and you forget its master credentials, you can lock yourself out of everything at once.
So before you go all-in, verify your recovery in advance:
- Make sure your passkey provider account itself has strong, tested recovery, Apple, Google, Microsoft, and the major managers all document an account recovery path; actually read yours.
- Keep more than one device enrolled where you can, so losing one phone is an inconvenience, not a catastrophe.
- Consider registering a physical security key as an additional backup credential on your most important accounts, alongside your passkey rather than instead of it, so you add a route in that does not depend on any cloud at all.
Picture switching to a brand-new Android phone after years on iPhone. If you planned recovery, your passkeys follow you through your manager or the portability path, and the migration is dull. If you did not, that is the afternoon you discover which accounts you can no longer reach. Dull is the goal.
The Bottom Line
Your iPhone passkey is not trapped, it is just stored with one provider, and reaching it from Windows or Android is a choice between borrowing it (QR sign-in), sharing it everywhere (a cross-platform manager), or moving it (the new Credential Exchange standard). For most people the honest answer is a cross-platform manager for everyday use plus the QR flow for the occasional strange machine. Whatever you choose, sort out recovery first, because the one genuine risk with passkeys is not getting phished, the standard is built to stop that, it is locking yourself out of the account that holds the keys.
Source Links
- FIDO Alliance: Passkeys overview (synced vs device-bound, cross-device authentication)
- FIDO Alliance: Credential Exchange specifications (CXP and CXF)
- Apple Support: About the security of passkeys
- Google Account Help: Sign in with a passkey instead of a password
- Microsoft Support: Create and save a passkey
- Microsoft Learn: Support for passkeys in Windows