What is Passkey and how to set it up?

What is Passkey (2FA)?

Passkey is a unique identifier that is used to confirm the legitimacy of your actions within the system (exchange). 

This identifier is another method for two-factor verification and functions on the same level as the familiar TOTP (Time-based One-Time Password) authentication, which works with Google Authenticator or another similar application.

Each device or platform that can act as an authenticator generates two keys: private and public.

  • The public key is a unique identifier of the authenticator and is used to identify the key within the service on which it will be used, in our case on the WhiteBIT exchange;
  • The private key is stored exceptionally in the authenticator and is not available to anyone; used for confirmation.

We highly recommend enabling two-factor authentication (2FA) to ensure security and prevent any potential unauthorized access to your account.

What can be used as a passkey?

Various devices, platforms, and software can be used as a passkey:

Devices on platforms:

  • Android, starting from version 9.0;
  • iOS, starting from version 17.4;
  • iPadOS, starting from version 17.4;
  • macOS, starting from version 13.0.

Browsers:

  • Chrome;
  • Firefox;
  • Safari;
  • Opera.

Software:

  • Password managers, for example, 1Password, Bitwarden and others.

Physical keys:

  • Yubico devices and others.

Other:

  • iCloud.

    Please note: we recommend using physical keys if possible, as they are the most secure. Also, some of the software or devices may not work correctly.

If you encounter any problems while using the passkey, for example, you set up the passkey, but it does not work, please contact our support team using any method convenient for you from the list at the bottom of this article.

How to set up a passkey in the web version of our exchange?

To enable it in the web version, follow a few simple steps:

1. Log in to your WhiteBIT TR account and go to Account Settings and Security;



2. Select the "Two-Factor Authentication" section by clicking on the "Edit" button;



3. Click "Manage Passkeys" and then "Continue";



4. Register a passkey by selecting one of the authentication methods;



5. Confirm your passkey with the chosen method.



Please note: creation of passkeys is limited to 5 units at a time, and it is possible to create multiple keys using one method for authentication.

How to disable the passkey in the web version of our exchange?

After you have connected the passkey, you will be able to disable it at any time.

To disable the passkey, please follow the instructions below:

1. Log in to your WhiteBIT TR account and go to Account Settings and Security;

2. Click on the red button to the right of the "Rename" button to disable the passkey. You will need to confirm the deletion using your passkey or TOTP.

Please note: to disable the passkey with TOTP, you should wait a few minutes or close the confirmation window via the access key.



By following these steps, you will disable the passkey. To set up the passkey again, you can always use our instructions.

Passkey (2FA) features

Passkey can be used for the same functionality as TOTP:

  • Authorization;
  • Withdrawal of funds;
  • WB-code creation;
  • Turning the Whitelist on and off, adding and removing an address from the Whitelist;
  • Adding and removing anti-phishing code;
  • Linking and unlinking a web3 wallet;
  • Account deleting.

You can also use passkey to verify the addition and removal of TOTP, and vice versa, TOTP to add and remove passkeys.

Please note: with the passkey enabled, when using the functionality from the list above (except for withdrawal to a WB card), a confirmation code from email will not be requested.

Logging in to an account using a Passkey

Before logging in to an account with a passkey, it is important to remember that each device requires a different passkey. In other words, the key is created for the specific platform or browser from which you are logging in. If you try to use this key on a different device or browser, you may need to re-authenticate or create a new key.



However, as an exception, Apple devices with synchronisation via iCloud and Google Account users with synchronisation via Google Password Manager may be eligible.

In these cases, you can create a single key that will be available on all devices connected to iCloud or using Google Password Manager. This eliminates the need to create separate keys for each device, such as your phone and laptop.

So what does passkey synchronisation look like on Apple devices?
If a Passkey has already been created for your account (for example, in the web version of our exchange), a biometric authentication window will appear after you enter your login details. After successfully confirming your identity, you will be able to access your account.

The process is similar on mobile devices. As your devices are linked to iCloud, Passkey is automatically synchronised, allowing you to log in to your account on another device without creating a new key—all you need to do is complete biometric authentication.

What does the passkey synchronisation look like for Google?
Passkeys saved in Google Password Manager are automatically synchronised between all your devices if you're logged in to Chrome or Android with the same Google account. This allows you to use them without creating a new key for each device. 

Please note: you must be logged into Chrome with the same Google account on all devices.

To use the passkey, go to the platform's website and select one of your saved passwords when logging into your account. If you need to log in from another device, select the ‘Other device’ option and follow the on-screen instructions. Once you have successfully logged in, you will have the option to memorise your device for easy access in the future.

What will happen if you change your password or completely disable 2FA on your account?

If you change your password or completely disable 2FA (both types: Passkey and TOTP), certain functionality will be blocked for 72 hours. This functionality includes the withdrawal of funds and the creation of WB Codes. You will also receive an email notification informing you of account changes made and alerting you to the restrictions within 72 hours.

If 2FA is turned off and then turned back on in a moment, the above features will still be limited for 72 hours.

Our top priority is ensuring the security of our users' data and funds.

What should I do if I lose access to my two-factor authentication application?

If you have lost access to 2FA, be sure to contact our support team using any method convenient for you from the list below.

Support

In case of any questions related to your account, trading or exchange functionality, you can:

  • Leave a request on our website;
  • Write to our support e-mail: support@whitebit-tr.com;
  • Write to the chat using the button in the lower right corner of the screen (in the upper right corner of the WhiteBIT app, click ).

Was this article helpful?

0 out of 0 found this helpful