WhatsApp is rolling out a significant security enhancement: passkey-based encryption for chat backups, enabling users to protect their backed-up conversations using biometric authentication (fingerprint or facial recognition) or a device’s screen lock instead of a password or long encryption key.
What’s changing?
Previously, users wishing to encrypt their cloud backups on Google Drive or iCloud had to set a separate password or retain a cumbersome 64-digit encryption key. With the new update, passkeys—which are tied to a user’s device security—provide a simpler and stronger form of protection. This move builds on WhatsApp’s earlier rollout of end-to-end encryption for messages and backups. While messages were already protected during transit, backups stored in the cloud posed more vulnerability. With passkey encryption, even these cloud-stored copies benefit from the same high level of protection.
How to enable it
Users should go to Settings → Chats → Chat backup → End-to-end encrypted backup to enable this feature. The rollout is gradual and may take several weeks to become available on all devices. Once activated, the next time a user restores a backup or transfers data to a new device, they simply authenticate via passkey—no need to remember a password or locate a key.
Why it matters
With billions of messages, voice notes, photos and personal memories stored in WhatsApp chats, ensuring these backups are truly protected is essential. The shift to passkey encryption reduces the chances of unauthorised access—especially if a device is lost or compromised. The move also aligns with a broader industry trend towards passwordless security, which offers both convenience and enhanced safety.
Things to note
-
The feature is available for both Android and iOS devices, but its availability may depend on device compatibility and region.
-
Enabling passkey encryption ties the protection mechanism to the device’s biometric or screen-lock system. If the device is changed, users must follow the restore process accordingly.
-
Messages sent to business accounts are end-to-end encrypted using similar protocols, but once received, they may be handled according to the business’s own privacy policies.
Final word
By introducing passkey-backed encryption for chat backups, WhatsApp is taking a major step forward in securing one of the most critical and vulnerable parts of its platform. This update lets users protect not just messages during transit, but entire backup stores—with ease and strength. As device ecosystems evolve, this move strengthens WhatsApp’s commitment to user privacy and sets a new standard for messaging security.
