To strengthen digital security at Berkeley Lab, the IT Division is rolling out Passkeys Lab-wide following a successful three-month pilot. The transition began with Operations divisions in April and is now expanding to Research divisions in May.
Passkeys are a modern authentication method stored on your device that use secure, cryptographic verification or a physical security key, such as a YubiKey, to log you in. Passkeys provide a simpler, more secure, and phishing-resistant alternative to traditional multi-factor authentication (MFA).
Why Passkeys?
Passkeys eliminate the need for one-time passcodes (OTPs), reducing the risk of credential theft. Because they are cryptographically tied to both your device and the Lab’s authentication systems, they cannot be intercepted or used on fraudulent websites. In addition to improved security, Passkeys streamline the login process by removing the need to enter 6-digit OTP codes.
What to Expect
This rollout is designed to be low-friction and user-friendly:
- Enrollment: When your division is enrolled, you’ll be prompted to register a passkey at your next login.
- Flexibility: Existing methods, such as physical tokens and authenticator apps, will remain available during the transition.
Want Early Access?
If you’d like to start using Passkeys before your division’s rollout, you can opt in now: go.lbl.gov/JoinPasskeyProgram.
Resources and Support
- Registration Walkthrough: go.lbl.gov/firstpasskey
- FAQs & Troubleshooting: go.lbl.gov/passkeys or go.lbl.gov/passkeyhelp
- Direct Support: IT Help Desk at go.lbl.gov/itchat
- Virtual Office Hours: IT will provide office hours via Zoom during the enrollment period. Visit go.lbl.gov/passkeys for connection information.
Thank you for your partnership as we move toward a more robust and efficient authentication standard for the Lab.
in the bottom right or navigate to