Updated June 24 with clarification from Meta on rollout.
Meta will soon allow Facebook and Messenger users to sign in with a passkey for the first time, joining its big tech peers in increasing its embrace of the more secure, passwordless technology.
It revealed passkeys had begun rolling out globally as a login option for Facebook and Meta Pay on iOS and Android mobile devices, with desktop support to come "in the future" and passkeys for Messenger to follow in the “coming months”, though the company stopped short of a commitment to remove passwords altogether.
Meta described the option, already available for WhatsApp accounts, as “an upgrade in security” to traditional passwords but said other authentication methods would remain to allow users to maintain account access when “using a device that doesn’t support passkeys yet.”
As part of the launch, it said Facebook’s roughly 3 billion users may also now be prompted to create a passkey when logging in to their account. Instagram was not mentioned in Meta's announcement but it told The Stack it would "continue exploring ways to bring passkeys to other Meta technologies in the future."
Why passkeys?
Developed by the FIDO Alliance, an open industry association backed by Meta and most big tech players, passkey technology allows users to link the PIN, pattern or biometric credentials used to unlock their device with other accounts, removing the need to enter unique usernames and passwords on each app and website, and making it harder for attackers to steal credentials.
The alliance oversees the FIDO2 authentication standard combining the W3C’s WebAuthn standard and its own Client to Authenticator Protocol 2 to provide on-device stored credentials “based on public key cryptography.”
FIDO2 has been increasingly embraced as a more secure and easy-to-use login method since its general release in 2018, with FIDO encouraging companies to sign a ‘passkey pledge’ and eventually commit to removing passwords as a sign-in option.
Despite introducing the tech to WhatsApp in October 2023, Meta has been slower in its passkey roll out compared to other big tech firms, with Apple including them as an option since 2022’s iOS 16 and Google first offering passkeys for Google Accounts in 2023.
In May, Microsoft went so far as to announce that all new Windows accounts would be “passwordless by default” as part of changes to its login process, with existing account holders also encouraged to enroll a passkey every time they login to increase their use and allow the company to “eventually remove password support altogether.”
The link has been copied!
