WhatsApp Is Rolling Out Passkey Support for Encrypted Backups

In the beginning, WhatsApp users could not protect their chat backups with encryption—while all communications were encrypted end-to-end, backups weren't afforded the same protection. Since 2021, however, WhatsApp has offered two ways for users to encrypt these backups: a standard password, or a 64-digit encryption key.

There are security issues with both of these methods. Passwords can be secure, but let's be real, many of us use very simple passwords that are easy to remember, and, in some cases, we even repeat passwords from account to account to make things easier on our brains. If your password for WhatsApp backups is the same password you use for your email, and the latter gets leaked, hackers can easily break into your WhatsApp backups. Not good. (Side note: Please use a strong and unique password for all of your accounts.)

The 64-digit encryption key, on the other hand, is extremely secure. It would take a computer a long time to crack (perhaps a few lifetimes) and would be essentially impossible for a human to guess. But it's 64 characters long. You're not going to remember it, and if you don't store it somewhere safe and secure, you could lose track of it—and with it, access to your encrypted chat backups. Again, not good.

On Thursday, however, WhatsApp announced it is adding a new authentication method to protect your encrypted backups, and a big improvement over the existing two options: passkeys. If you choose to encrypt your chat backups with a passkey, you'll be able to decrypt them the same way you unlock your device, such as with your fingerprint, face scan, or device passcode.

Passkeys offer the best of both passwords and two-factor authentication (2FA). The "key" is stored on-device or associated with your account, so there's no passphrase to remember, write down, or store in a password manager. That means you don't need to worry about it landing in a hacker's hands due to a data leak. The only way to access the passkey is to authenticate yourself with a connected and trusted device, such as your smartphone. Without your fingerprint, face scan, or passcode, no one is getting into your encrypted backups.

How to check if you have passkey support

WhatsApp says it is gradually rolling out this passkey support "over the coming weeks and months." To check if your account supports it, head to Settings > Chats > Chat backup > End-to-end encrypted backup.