Overview
In certain scenarios, an IT administrator may need to delete a user's passkey to maintain the integrity and security of the organization’s access controls.
Reasons why it may be necessary to delete a user's passkey:
- Device Loss or Theft: If a user loses a registered device or it is stolen, the associated passkey should be deleted immediately to prevent unauthorized access.
- Compromised Credentials: If there's suspicion that a user’s credentials or device have been compromised, deleting the passkey is a proactive security measure.
- Device Replacement: When a user upgrades or switches devices, the old passkey may need to be removed to ensure only the new device can be used for authentication.
- Access Revocation: If a user’s access level changes or they no longer need access to certain resources, deleting specific passkeys helps enforce least privilege.
- Onboarding Errors: If a passkey was created in error during enrollment or needs to be reissued, the original passkey may need to be deleted and replaced.
By deleting outdated or unnecessary passkeys, you help reduce risk and ensure that only trusted, up-to-date credentials are used to access sensitive systems and applications.
What You'll Learn
This article will guide you through the process of:
Deleting a user's passkey
Deleting a User's Passkey
Steps
1. Log in to your Beyond Identity Secure Work console.
2. Click Users from the left-hand navigation panel.
3. Select the Passkeys tab.
4. Click the pencil icon under the Actions column for the passkey you'd like to delete.
5. In the dialog box that appears, you can choose to edit or delete the passkey. For this workflow, click Delete This Passkey if you intend to remove it.
6. Read the message in the next dialog box, "This passkey will no longer have access to your work apps and services." Then, click Delete.
That's it! The user's passkey will then be deleted, but their profile will remain.
Comments
0 comments
Article is closed for comments.