WhatsApp for iOS Gains Support for Passkeys

MacRumors · Apr 24, 2024

Meta-owned messaging platform WhatsApp today announced that it is rolling out support for passkeys on iOS, a feature that will let WhatsApp users log in to their accounts on iOS devices using Face ID, Touch ID, or their device passcode.

Passkeys serve as a replacement for a traditional password, and because device authentication is required, passkeys put a stop to online attacks like phishing. With a passkey, there's no password to steal, and no one-time SMS or authentication code that can be intercepted.

Passkeys are also more convenient, because logins are done with a quick Face ID or Touch ID scan rather than a password. WhatsApp passkeys can be enabled by opening up the app settings, choosing the Account section, and tapping on "Passkeys."

Apple has supported passkeys since 2022, and they work on devices that run iOS 16 and later, iPadOS 16 and later, and macOS Ventura and later. Many companies have been implementing support for passkeys, including X (formerly Twitter), Google, TikTok, PayPal, Best Buy, Microsoft, PlayStation, and eBay.

Article Link: WhatsApp for iOS Gains Support for Passkeys

lozion · Apr 24, 2024

"passkeys on the iPhone and the iPad"?

iPad??

LightProtector · Apr 24, 2024

lozion said:
"passkeys on the iPhone and the iPad"?

iPad??

Ig for the 10k people on the TestFlight

n-evo · Apr 24, 2024

I wish it gained support for the new iOS 17 notification sounds.

jclo · Apr 24, 2024

lozion said:
"passkeys on the iPhone and the iPad"?

iPad??

I updated this post so I'm not confusing anyone. Removed iPad mention.

BigBag · Apr 24, 2024

Sure would love to use Passkeys to log into an iPad app… if you get what I’m saying. (I’m saying I’d like an iPad app)

lozion · Apr 24, 2024

jclo said:
I updated this post so I'm not confusing anyone. Removed iPad mention.

Ok. You X link makes no mention of iPadOS so it not about confusing anyone, its about reporting facts? Unless you know something we dont..🤔

trip1ex · Apr 24, 2024

Human Google: what happens if I lose my phone or its stolen?

Google answers: I guess you're ok or so says Apple.

mrnoark · Apr 24, 2024

Can't wait for iOS to adopt RCS and get rid of WhatsApp once and for all.

coolfactor · Apr 24, 2024

mrnoark said:
Can't wait for iOS to adopt RCS and get rid of WhatsApp once and for all.

I can't see that happening. With RCS, are carriers still able to impose limits on file size? How about cross-device messaging? I know those of us that activate Messages in iCloud enjoy messaging on all of our devices, but is that something that WhatsApp users appreciate?

I want my RCS messages to be translucent purple!

coolfactor · Apr 24, 2024

mrnoark said:
Can't wait for iOS to adopt RCS and get rid of WhatsApp once and for all.

And do carriers have any control over geographic location like they do with SMS? International texting is still a "paid add-on" in Canada for many carriers.

springsup · Apr 24, 2024

I’ve been moving everything I can to passkeys (as a replacement for telephone number/authentication app-dependent 2FA). It’s good but there are still 2 issues to be aware of:

1. They’re not portable. You cannot sync passkeys between an iCloud Keychain, or a Google account, or 1Password, etc. The standard has no mechanism for it - keys are bound to the keychain software you use when you make them - although it’s apparently something they’re looking in to.

You’re not completely locked-in, though. Accounts can have multiple passkeys (e.g. an iCloud one, a Google one, 1Password one, etc), but it’s a hassle to set that up. Also, you can use one device to authenticate a login from another device (e.g. if you want to login to an account on an Android device, you can get a prompt and confirm it on your iPhone which has the passkey).

2. Currently, most places only offer passkeys in addition to passwords, which kind of defeats the point. AFAIK only Microsoft accounts let you disable password logins entirely.

I get that this is probably a transitional thing, but I wish more places offered it as an option now. GitHub says they’ll likely offer that within a year. Hopefully they do, and hopefully all the early adopters follow suit.

TwoBytes · Apr 24, 2024

springsup said:
I’ve been moving everything I can to passkeys (as a replacement for telephone number/authentication app-dependent 2FA). It’s good but there are still 2 issues to be aware of:

1. They’re not portable. You cannot sync passkeys between an iCloud Keychain, or a Google account, or 1Password, etc. The standard has no mechanism for it - keys are bound to the keychain software you use when you make them - although it’s apparently something they’re looking in to.

You’re not completely locked-in, though. Accounts can have multiple passkeys (e.g. an iCloud one, a Google one, 1Password one, etc), but it’s a hassle to set that up. Also, you can use one device to authenticate a login from another device (e.g. if you want to login to an account on an Android device, you can get a prompt and confirm it on your iPhone which has the passkey).

2. Currently, most places only offer passkeys in addition to passwords, which kind of defeats the point. AFAIK only Microsoft accounts let you disable password logins entirely.

I get that this is probably a transitional thing, but I wish more places offered it as an option now. GitHub says they’ll likely offer that within a year. Hopefully they do, and hopefully all the early adopters follow suit.

That's a helpful post with lots i've learned! A bit shocked about portability but I guess that's tied into your second point - they are not as popular and people still have issues with passwords right now. I'm sure once passkeys are more commonplace, there will be some sort of group come forward to create a standard.

cyanite · Apr 25, 2024

springsup said:
2. Currently, most places only offer passkeys in addition to passwords, which kind of defeats the point

Just set your password to a long random string.

Chux@20 · Apr 25, 2024

coolfactor said:
And do carriers have any control over geographic location like they do with SMS? International texting is still a "paid add-on" in Canada for many carriers.

RCS allows text via Wi-Fi? So I’m guessing they won’t charge if sent over Wi-Fi ?

svish · Apr 25, 2024

Good to know. Happy to see that more apps are now supporting Passkeys

springsup · Apr 25, 2024

TwoBytes said:
That's a helpful post with lots i've learned! A bit shocked about portability but I guess that's tied into your second point - they are not as popular and people still have issues with passwords right now. I'm sure once passkeys are more commonplace, there will be some sort of group come forward to create a standard.

It’s worth noting that if you use a cross-platform keychain such as 1Password, your passkeys can sync across platforms, because the keys are locked to the keychain platform, not a particular device.

So services such as 1Password, LastPass, etc have a bit of an edge here.

Of course, there’s always the chance Apple could launch iCloud Keychain on Linux and Android (it already exists on Windows)…

RandomTox · Apr 25, 2024

In other words, let's collect more human metrics and use it for our questionable purpose. Next step would be a DNA authentication. The road to hell is paved with good intentions.

Aiii83 · Apr 25, 2024

RandomTox said:
In other words, let's collect more human metrics and use it for our questionable purpose. Next step would be a DNA authentication. The road to hell is paved with good intentions.

This is not how Passkeys work.

AstonSmith · Apr 25, 2024

Perhaps a weird question, but what happens if you have two phones with the same iCloud login (with sync enabled), two phone numbers and two WhatsApp accounts? Does each account get its own passkey, or does it try to use one WhatsApp passkey for both accounts?

MilaM · Apr 25, 2024

I was excited about Passkey when they were initially announced, but my enthusiasm has cooled down a bit. I will likely use them to secure my most important accounts eventually. Since my current password manager does not support them, I'm in no rush though. The way they work today, without a way to move them between password managers, I'm worried about vendor lock-in.

On iOS specifically it's also unfortunate, that you can only use them when iCloud Keychain is turned on. It should be at least possible to have device specific Passkeys without syncing enabled. This is a use-case specifically covered by the specs, but apparently Apple thinks it's too complicated to understand for most users.

AiPone12mini · Apr 25, 2024

Telergam is still most robust free calling and communication app and it is rare sight to see that it is written in native language not in bloated way like most of "lazy" written bloat apps with Electron and Nodejs sluggish horrors. Insane speed with PC and with Mobile apps. I try to keep away of closed source and bloated apps much as possible.

nStyle · Apr 25, 2024

I don't get it. They have to verify the phone number first. After that, how many times are you going to be logging in? Maybe on a new phone but that's going to be rare.

jasonsmith_88 · Apr 25, 2024

nStyle said:
I don't get it. They have to verify the phone number first. After that, how many times are you going to be logging in? Maybe on a new phone but that's going to be rare.

I thought it was going to replace Two-Step Verification, but that doesn’t appear to be the case. It looks to purely be an alternative to receiving an SMS to authenticate.

Considering SMS authentication can’t be disabled, and the passkey can’t be used as a second factor, it provides zero additional security.

The fact it doesn’t replace 2FA is baffling. This is one of the key concepts of passkeys. Plus, WhatsApp is the only app in existence that constantly pesters me to confirm that I “remember” my PIN. In 2024 we shouldn’t be encouraging users to remember pins/passwords. This was bad practice 15 years ago. No, I don’t remember my PIN because it’s saved in my password manager. I know 2FA is enabled and I know where the PIN is. Give me the option to stop pestering me about it.

Justin Cymbal · Apr 25, 2024

Chux@20 said:
RCS allows text via Wi-Fi? So I’m guessing they won’t charge if sent over Wi-Fi ?

Standard SMS (green bubble texting) has worked over Wi-Fi for years now:

How to Enable Wi-Fi Calling on Your iPhone

Wi-Fi calling is useful if you're in an area with poor cellular reception but have a wireless internet.

www.howtogeek.com

I keep my iPhone in airplane mode throughout the entire day and am still able to make and receive phone calls and send and receive standard SMS text messages with no issue

All you have to do is enable airplane mode and then connect to a Wi-Fi network and if you look in the top left-hand corner of your phone, it will say your network (followed by Wi-Fi) mine says T-Mobile Wi-Fi

For the iPhone X and later you have to open control center and then it will say your network (followed by Wi-Fi) in the top left

WhatsApp for iOS Gains Support for Passkeys

macrumors bot

macrumors 6502

macrumors regular

macrumors 68000

Managing Editor

macrumors member

macrumors 6502

macrumors 68030

macrumors newbie

macrumors 604

macrumors 604

macrumors 65816

macrumors 68040

macrumors 6502

macrumors newbie

macrumors G3

macrumors 65816

macrumors regular

macrumors member

macrumors member

macrumors 6502a

macrumors member

macrumors 65832

macrumors regular

macrumors 6502

Our Staff