WhatsApp adds passkeys on Android
Another app dropping passwords
Meta-owned WhatsApp is adding passkeys to its Android app to improve security.
Unlike traditional log-in methods utilising a username and password, each passkey is a unique digital key that cannot be reused.
Passkeys can be used with devices you already own, like a smartphone, and are built on the WebAuthentication or WebAuthn standard.
Because passkeys are stored in an encrypted format on your devices, instead of on a company's servers, they are also safe in the event of a data breach - or even if you fall victim to a phishing attack.
A prompt is needed to activate a passkey when logging in, which could include a biometric login like a fingerprint scan, a PIN, or a hardware key.
WhatsApp is rolling the new functionality out now, though it may not reach all users simultaneously.
You can check if passkeys have reached your Android app by following these steps:
- Open WhatsApp
- Select 'Settings' from the three-dots menu
- Open 'Account'
- 'Passkeys' should be a visible option if available to you.
Passkeys have both a public and private element. The public key is sent to a company's servers, while the private key stays on your device. In the case of Android devices, it is stored in Google's Password Manager.