Passkeys, biometrics deployed for passwordless logins to WhatsApp and more
Meta’s popular messaging app is expanding support for cryptographic passkeys.
WhatsApp’s version 18.104.22.168, recently released to beta testers, the post says a screen found by WABetaInfo suggests passkey support is coming soon. The screen says passkeys are “a simple way to sign in safely” and specifies that WhatsApp passkeys are stored in Google Password Manager.
With passkeys, WhatsApp users can authenticate their identity via biometrics, through fingerprint or face scans that pair with a complementary encrypted key stored on the platform. They are considered resistant to phishing and therefore less vulnerable to attack than passwords.
No date is given for an expected launch of passkeys on WhatsApp, and the piece specifies that the feature remains in development for now.
Less friction, fewer seams for LastPass
LastPass has made FIDO2 authenticators, including biometrics, available to users of its passwordless login products.
The password manager announced in a release that the addition of FIDO2’s open authentication standard will enable users to select from three login options: fingerprint or face biometrics, a hardware key such as a USB stick, or the LastPass Authenticator app. It eliminates the need for a master password to access an account’s vault.
In a release, the CEO of LastPass, Karim Toubba, said meeting the FIDO Alliance’s FIDO2 compliance standard would bring more choice and industry-standard security to its customers, as well as “contributing to better password hygiene, higher adoption, less time and money wasted on resolving lockouts, and a stronger overall security posture.”
Andrew Shikiar, executive director and CMO of the FIDO Alliance, pointed out that LastPass has been a long-standing participant on its board of directors. “By eliminating the requirement for a knowledge-based credential in favor of unphishable FIDO2 authenticators,” he said, “LastPass has taken an important step to provide simpler and more secure access to LastPass vaults – accelerating their customers’ journey towards a password-independent future.”
Life without passwords is a key tenet of the FIDO Alliance’s mission.
Two more organizations say sayonara to passwords
Swissbit, a maker of authentication hardware, has helped integrate the FIDO2 standard into login for the Moodle learning management system (LMS).
In a release, the Swiss firm said certified service providers of the open-source LMS “can now provide phishing-resistant authentication via hardware security key or FIDO stick to users such as universities, schools, and businesses.”
The enhanced Moodle multifactor authentication plugin can be downloaded online. More details are set to be announced at the MoodleMoot Global conference in September.
Finally, adding to the passwordless pile-on, digital identity authentication firm authID has partnered with the large facilities services firm, ABM Industries, to provide biometric authentication services for operations and employee device security.
In a release, the New York company said its tools will be deployed across industries including aviation, education, healthcare and hospitality.
Stephanie Franklin-Thomas, chief information security officer of ABM Industries, said ABM selected authID for its biometric authentication system’s “combination of security, seamless user experience, shared device support and cost-effective delivery.”