WhatsApp for iOS Gains Support for Passkeys

[lozion]

I thought it was going to replace Two-Step Verification, but that doesn’t appear to be the case. It looks to purely be an alternative to receiving an SMS to authenticate.

Considering SMS authentication can’t be disabled, and the passkey can’t be used as a second factor, it provides zero additional security.

The fact it doesn’t replace 2FA is baffling. This is one of the key concepts of passkeys. Plus, WhatsApp is the only app in existence that constantly pesters me to confirm that I “remember” my PIN. In 2024 we shouldn’t be encouraging users to remember pins/passwords. This was bad practice 15 years ago. No, I don’t remember my PIN because it’s saved in my password manager. I know 2FA is enabled and I know where the PIN is. Give me the option to stop pestering me about it.

You can de-activate two-step after passkey is setup..

 

[MilaM]

I don't get it. They have to verify the phone number first. After that, how many times are you going to be logging in? Maybe on a new phone but that's going to be rare.

I think the idea is, to make multi-device usage of WhatsApp more secure and also more convenient. Right now additional devices are logged out pretty frequently. To log back in on additional devices you need to have your primary device handy. Passkey could make this re-authentication flow more convenient.

 

[trip1ex]

My phone was already making up passwords and storing them in iCloud Keychain afaik and requiring Face ID to access them.

I guess the difference is passkeys can’t be stolen from 3rd party servers.