Traditional passwords are becoming obsolete, which is great news for our security. Experts have long criticized the use of passwords, especially when they are reused across multiple services, as they are ineffective in protecting our data.

The major issue with passwords is that they need to be stored on external servers for authentication. This opens the door to various attack vectors, such as hackers gaining access to the server and obtaining a list of all the passwords used the users.

Furthermore, passwords are risky because they need to be unique for each service. If we reuse passwords, there is a risk that a hacker who has stolen our password from one site can use it on another. However, most people don’t want to remember dozens of passwords.

That’s where passkeys come in. Passkeys are a new standard developed major tech companies like Google, Apple, and Microsoft. Instead of being stored on a server, a passkey is a unique cryptographic access key that is securely stored on our own device. This means that our device takes care of authentication, such as using the fingerprint reader on our mobile phone.

With passkeys, all we have to do to log in to a passkey-compatible service is place our finger on the fingerprint reader, just like unlocking our phone. Operating systems like Android or Windows prompt us to do the same thing we do when unlocking the device, whether it’s using our fingerprint, face, or a PIN.

WhatsApp is the latest service to adopt passkeys, although it is not mandatory for now, and traditional authentication methods still work. The beta version of the app has been experimenting with passkeys since August and now WhatsApp is pleased with the results and is planning to expand it to all users of the stable version of WhatsApp.

Passkeys on WhatsApp replace the traditional method of receiving an SMS message to log in. They appear as a new option in the account section of the app. By activating passkeys, WhatsApp will ask for our fingerprint, face, PIN, or any other method we use to unlock our phone, creating a new passkey that will be stored in Google’s password manager on Android devices. From then on, if we buy a new phone, we only need to import our passkey and log in to WhatsApp with our number and fingerprint.

