Skip to content

WhatsApp passkey verification rolls out for iOS

  • by
  • 2 min read

WhatsApp has introduced passkey verification support for iOS users to enhance security while simplifying the login process. This feature, available on Android for six months, eliminates the need for SMS one-time passcodes. It provides a more secure and convenient login experience for its users.

The passkey verification feature enables iOS users to log into WhatsApp using various methods such as facial recognition, biometrics, or a PIN stored on Apple’s passkey manager.

This approach enhances security and reduces the risk of unauthorised access, as bad actors would require physical access to the device in addition to the passkey.

By adopting passkey logins, WhatsApp aims to mitigate common security risks associated with traditional username and password combinations, often targeted by phishing attacks. This new authentication method provides an added layer of protection against remote account access attempts.

Furthermore, users can log in to their WhatsApp accounts even if they are not connected to an internet network, as the device stores the authentication key.

In the passkey verification, two keys are generated; one is stored on the user’s device, and the other is stored by the company, in this case, Meta. In this way, users establish a unique pair of keys as their digital authentication method.

Passkeys cannot be written down or shared; they can only be stored on users’ devices, making them more secure.

To enable passkey verification, iOS users can navigate to their WhatsApp settings, access the Account option, and select the new Passkeys button to set up their preferred verification method. This functionality will be progressively rolled out to all iOS users in the coming weeks.

Many companies, such as Google and X, have introduced passkeys to mitigate cyber threats. In May 2023, Google announced that users can create and use passkeys for their personal Google accounts. Similarly, X extended the support for passkeys for iOS users in April 2024.

In the News: State-sponsored UAT4356 exploit Cisco zero-days for espionage

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: