WhatsApp is rolling out password-encrypted backups for iOS and Android devices, allowing users to encrypt their chat history using their fingerprint, face, or screen lock passcode.
Access keys are a passwordless authentication method that allows users to log in using biometrics (such as facial recognition or fingerprints), PINs, or security patterns instead of traditional passwords. They allow you to log in to websites, online services or applications without needing to remember complex passwords or use a password manager.
When creating a password, your device generates a unique cryptographic key pair consisting of a private key stored on the device and a public key sent to the website or app. For this reason, passkeys provide significantly improved security compared to traditional credentials, since they cannot be stolen in the event of a data breach because the private key never leaves your device.
“Passkeys will let you use your fingerprint, face, or screen lock code to encrypt your chat backups instead of having to remember a password or cumbersome 64-digit encryption key,” WhatsApp said.
“Now, with just a tap or a glance, the same security that protects your personal WhatsApp chats and calls is applied to your chat backups so they’re always safe, accessible and private.”
To get started, enable the security feature by going to WhatsApp settings, then selecting Chats > Chat backup > End-to-end encrypted backup.
Meta has started rolling out this feature globally, and its rollout is expected to gradually reach all users over the coming weeks and months.
WhatsApp introduced end-to-end encrypted (E2EE) chat backups on iOS and Android four years ago, in October 2021, allowing iOS users to store their backups on iCloud and Android users to store them on Google Drive.
Once enabled, E2EE chat backups allow WhatsApp users to restore their messages to any device if they have the password or passkey used to encrypt them.
A year ago, WhatsApp also began encrypting contact databases for privacy-preserving synchronization. Last week, new tools were added to help users protect themselves from potential scams.
