We’re excited to announce that starting today, we’re rolling out passwordless login with biometric passkeys to streamline and safeguard your sign-in experience as well as default end-to-end encryption for audio and video (E2EE A/V) calls.
Read on to see how these two features will help make your time on Discord safer, for both you and your friends on the call!
Passwordless Login
Passwords are annoying to remember and are not the most secure (yes, that includes “wumpu2-1s-c00l”). We provide various forms of multi-factor authentication (MFA) to protect your account, but we wanted to continue to prioritize security with a more seamless experience.
Now, you can register a passkey to your Discord account, secured by on-device biometric features such as Face ID or Touch ID, to sign in with just one easy step.
Discord can’t access your biometric data, and helps ensure that nobody but you can use your passkey to sign into your account. Your passkey lives on your device, allowing you to seamlessly sign into Discord on any device that has access to that passkey. That’s a win-win-win for privacy, security, and a seamless user experience.
Passwordless login with a passkey keeps your account as protected as possible. You can learn more about setting up a biometric passkey and how to then log in with that passkey here.
End-to-End Encryption for Audio & Video (E2EE A/V)
Last summer we began experimenting with encryption protocols and technologies for audio and video calls, and we are excited to announce the roll out of our E2EE A/V protocol.
Today, we’ll start automatically migrating audio and video calls in DMs, Group DMs, voice channels, and Go Live streams to a new system that utilizes E2EE A/V. You’ll also be able to verify your end-to-end encrypted call and the identity of the other members in it, giving you peace of mind no one else can listen in.
When we consider adding new privacy features like E2EE A/V, we do not do so in isolation from safety. That is why safety is integrated across our product and policies, and why messages on Discord are unencrypted. Messages will still be subject to our content moderation approach, allowing us to continue offering additional safety protections.
Privacy is an essential part of feeling secure, and we want to be transparent about the security technology we use. That’s why we’ve also published a technical blog to provide more insight into the work, how we got here, our design and implementation goals, and the technical overview of how we built our E2EE A/V protocol. You can also see how we’ve worked closely with external experts to assess risks and develop robust safeguards to build our protocol.
Discord is a place where you can be authentic and should feel safe when talking with your friends – this includes maintaining account security and protecting your privacy. Passwordless login makes sure no baddies can worm their way into your Discord account, and end-to-end encryption has arrived to help keep audio and video calls between you and your friends private.
To enable passwordless login, just head into User Settings > Account and find the section called “Security Keys” to get started!
E2EE A/V is on by default for up-to-date Discord clients on desktop and mobile, and support for other clients such as web and consoles will roll out next year. You can head here to learn how to verify your E2EE A/V calls are truly end-to-end encrypted.
Obsessed with security and privacy? So are we —we’ll continue to prioritize and build products that respect both.