WhatsApp May Soon Let Users Ditch Passwords With Passkey Support
As more people make use of account-based services, password security has become more important than ever. Unfortunately, that also means that bad actors have ramped up their phishing efforts proportionately, meaning many people are still getting their passwords stolen and their accounts messed with.
It's for this reason that tech companies have been researching new ways to authenticate service accounts without relying on vulnerable passwords. One such service is WhatsApp, which may soon switch to a password-free format. In a new update to the Google Play Beta version of WhatsApp released today, the service has begun experimenting with passkey support in lieu of traditional passwords.
Compared to alphanumeric passwords, which bad actors can swipe from you with phishing tactics, passkeys utilize wholly unique elements that cannot be copied — including your phone's identifying codes, or your own face and fingerprints. If and when this feature is implemented, it could be a major boon for WhatsApp security.
WhatsApp's passkeys
Based on a screenshot of the experimental feature obtained by WABetaInfo, WhatsApp users will be able to verify their identity and log into their WhatsApp account on their phone using passkeys, saved to Google Password Manager.
"You can now use your fingerprint, face, or screen lock to verify if it's you with a passkey," the WhatsApp setting page reads. "Your passkeys are safely stored in your Google password manager."
On the passkey setting page, you can enable the passkey toggle to begin verifying your identity in this way, or leave it off if you prefer doing it the usual way.
The security aspect of this new feature is obvious — if you're signing into your WhatsApp account using biometrics like face ID or fingerprints, then phishers won't be able to steal your credentials. It's also convenient for users, as you don't need to remember an alphanumeric password. As long as you've got a face and fingers, you can log in.
Besides being much harder for bad actors to steal, passkeys are generally easier to use for verification purposes, authenticating faster and more consistently. The feature could prove especially beneficial for those who frequently need to re-sign into their WhatsApp account; whether due to changing devices regularly, or using multiple accounts on one device.
It's currently unknown when Meta will implement this new security feature into a proper WhatsApp version release.