diff --git a/app/src/main/java/com/kunzisoft/keepass/credentialprovider/passkey/PasskeyProviderService.kt b/app/src/main/java/com/kunzisoft/keepass/credentialprovider/passkey/PasskeyProviderService.kt
index ab1ac8273..2af9d0115 100644
--- a/app/src/main/java/com/kunzisoft/keepass/credentialprovider/passkey/PasskeyProviderService.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/credentialprovider/passkey/PasskeyProviderService.kt
@@ -53,6 +53,7 @@ import com.kunzisoft.keepass.database.DatabaseTaskProvider
 import com.kunzisoft.keepass.database.exception.RegisterInReadOnlyDatabaseException
 import com.kunzisoft.keepass.database.helper.SearchHelper
 import com.kunzisoft.keepass.model.SearchInfo
+import com.kunzisoft.keepass.settings.PreferencesUtil.isPasskeyAutoSelectEnable
 import com.kunzisoft.keepass.view.toastError
 import java.io.IOException
 import java.time.Instant
@@ -63,6 +64,7 @@ class PasskeyProviderService : CredentialProviderService() {
     private var mDatabaseTaskProvider: DatabaseTaskProvider? = null
     private var mDatabase: ContextualDatabase? = null
     private lateinit var defaultIcon: Icon
+    private var isAutoSelectAllowed: Boolean = false
 
     override fun onCreate() {
         super.onCreate()
@@ -79,6 +81,8 @@ class PasskeyProviderService : CredentialProviderService() {
         ).apply {
             setTintBlendMode(BlendMode.DST)
         }
+
+        isAutoSelectAllowed = isPasskeyAutoSelectEnable(this)
     }
 
     override fun onDestroy() {
@@ -160,7 +164,7 @@ class PasskeyProviderService : CredentialProviderService() {
                                 pendingIntent = usagePendingIntent,
                                 beginGetPublicKeyCredentialOption = option,
                                 displayName = passkeyEntry.getVisualTitle(),
-                                isAutoSelectAllowed = true
+                                isAutoSelectAllowed = isAutoSelectAllowed
                             )
                         )
                     }
@@ -183,7 +187,7 @@ class PasskeyProviderService : CredentialProviderService() {
                             pendingIntent = pendingIntent,
                             beginGetPublicKeyCredentialOption = option,
                             lastUsedTime = Instant.now(),
-                            isAutoSelectAllowed = false
+                            isAutoSelectAllowed = isAutoSelectAllowed
                         )
                     )
                 }
@@ -205,7 +209,7 @@ class PasskeyProviderService : CredentialProviderService() {
                             pendingIntent = pendingIntent,
                             beginGetPublicKeyCredentialOption = option,
                             lastUsedTime = Instant.now(),
-                            isAutoSelectAllowed = true
+                            isAutoSelectAllowed = isAutoSelectAllowed
                         )
                     )
                 }
diff --git a/app/src/main/java/com/kunzisoft/keepass/settings/PreferencesUtil.kt b/app/src/main/java/com/kunzisoft/keepass/settings/PreferencesUtil.kt
index e592021db..762b51196 100644
--- a/app/src/main/java/com/kunzisoft/keepass/settings/PreferencesUtil.kt
+++ b/app/src/main/java/com/kunzisoft/keepass/settings/PreferencesUtil.kt
@@ -692,6 +692,12 @@ object PreferencesUtil {
             context.resources.getBoolean(R.bool.passkeys_backup_eligibility_default))
     }
 
+    fun isPasskeyAutoSelectEnable(context: Context): Boolean {
+        val prefs = PreferenceManager.getDefaultSharedPreferences(context)
+        return prefs.getBoolean(context.getString(R.string.passkeys_auto_select_key),
+            context.resources.getBoolean(R.bool.passkeys_auto_select_default))
+    }
+
     fun isPasskeyBackupStateEnable(context: Context): Boolean {
         if (!isPasskeyBackupEligibilityEnable(context))
             return false
diff --git a/app/src/main/res/values/donottranslate.xml b/app/src/main/res/values/donottranslate.xml
index ac6a15604..bed60f49d 100644
--- a/app/src/main/res/values/donottranslate.xml
+++ b/app/src/main/res/values/donottranslate.xml
@@ -135,6 +135,8 @@
     <string name="passkeys_explanation_key" translatable="false">passkeys_explanation_key</string>
     <string name="settings_passkeys_key" translatable="false">settings_passkeys_key</string>
     <string name="passkeys_privileged_apps_key" translatable="false">passkeys_privileged_apps_key</string>
+    <string name="passkeys_auto_select_key" translatable="false">passkeys_auto_select_key</string>
+    <bool name="passkeys_auto_select_default" translatable="false">false</bool>
     <string name="passkeys_backup_eligibility_key" translatable="false">passkeys_backup_eligibility_key</string>
     <bool name="passkeys_backup_eligibility_default" translatable="false">true</bool>
     <string name="passkeys_backup_state_key" translatable="false">passkeys_backup_state_key</string>
diff --git a/app/src/main/res/values/strings.xml b/app/src/main/res/values/strings.xml
index 03758f18a..430dc2c97 100644
--- a/app/src/main/res/values/strings.xml
+++ b/app/src/main/res/values/strings.xml
@@ -430,6 +430,8 @@
     <string name="passkeys_missing_signature_app_ask_title">Signature missing</string>
     <string name="passkeys_missing_signature_app_ask_explanation">WARNING: The passkey was created from another client or the signature has been deleted. Ensure the app you want to authenticate is part of the same service and is legitimate to avoid security issues.</string>
     <string name="passkeys_missing_signature_app_ask_message">%1$s is unrecognised and attempts to authenticate with an existing passkey.\n\nAdd app signature to passkey entry?</string>
+    <string name="passkeys_auto_select_title">Auto select</string>
+    <string name="passkeys_auto_select_summary">Auto select if only one entry and the database is open, only if the requesting app is compatible</string>
     <string name="passkeys_backup_eligibility_title">Backup Eligibility</string>
     <string name="passkeys_backup_eligibility_summary">Determine at creation time whether the public key credential source is allowed to be backed up</string>
     <string name="passkeys_backup_state_title">Backup State</string>
diff --git a/app/src/main/res/xml/preferences_passkeys.xml b/app/src/main/res/xml/preferences_passkeys.xml
index 502403320..2bf319d8d 100644
--- a/app/src/main/res/xml/preferences_passkeys.xml
+++ b/app/src/main/res/xml/preferences_passkeys.xml
@@ -24,6 +24,11 @@
             android:key="@string/passkeys_privileged_apps_key"
             android:title="@string/passkeys_privileged_apps_title"
             android:summary="@string/passkeys_privileged_apps_summary"/>
+        <SwitchPreferenceCompat
+            android:key="@string/passkeys_auto_select_key"
+            android:title="@string/passkeys_auto_select_title"
+            android:summary="@string/passkeys_auto_select_summary"
+            android:defaultValue="@bool/passkeys_auto_select_default"/>
         <SwitchPreferenceCompat
             android:key="@string/passkeys_backup_eligibility_key"
             android:title="@string/passkeys_backup_eligibility_title"