WhatsApp is among the fastest growing instant messengers out there, and almost a social network in its own way. But if you are using it, there are some steps you should take to protect your security and privacy.
This is above and beyond WhatsApp’s built-in end-to-end encryption. It’s enabled by default and can’t be turned off. The encryption ensures that your messages can only be read on the recipient’s phone. It’s the same for voice calls and video calls, both of which are encrypted.
1. Check Encryption for Sensitive Conversations
Even though WhatsApp encrypts all chats by default, sometimes you want to double-check. It’s good practice to do that while sharing sensitive information like a credit card number with a trusted contact.
To verify the encryption, start a conversation with that contact. In the chat window, tap the contact’s name, and then tap Encryption. You’ll see something like this:
This 40-digit pattern is your security code. You can verify this code manually by comparing the digits, asking the contact to scan that QR code, or scanning your contact’s code with the “Scan Code” button. As security researcher Martin Shelton notes, it’s best to use a different messenger to verify that these numbers match.
2. Turn On Security Notifications
When a new phone or laptop accesses an existing chat, a new security code is generated for both phones. And WhatsApp can send a notification when the security code changes. This way, you can check the encryption with your friend over a different messenger, ensuring its security.
To turn on security notifications, go to WhatsApp > Settings > Account > Security > Show security notifications and flip the toggle to green, as pictured above.
3. Enable Two-Step Verification
If a service supports it, you should be using two factor authentication (2FA). This adds a periodic passcode to WhatsApp, and also ensures your data isn’t accessed by someone else.
To activate 2FA, go to Menu > Settings > Account > Two-step verification > Enable. Follow the steps to create a six-digit PIN code that you can easily remember. Importantly, add your email address to retrieve that code in case you forget it.
The periodic checks for the passcode are randomized, so it’s not exactly the same as password-locking your chat. But that’s not 2FA’s purpose anyway. The purpose is to stop someone else from accessing your WhatsApp account without your consent. It’s truly one of the best new WhatsApp features, and even available on WhatsApp Web.
4. You Can’t Password Protect WhatsApp
Unfortunately, there’s no way to lock WhatsApp with a password. WhatsApp has said so explicitly and recommends using a third-party locking app for it on Android.
On iPhones, there is simply no way to password-protect WhatsApp. Apple doesn’t allow it, whether with a passcode or Touch ID.
So for now, the periodic 2FA pin is your only hope. Apart from that, the only way to keep WhatsApp private from snooping eyes is to use a password or pattern lock on your phone.
5. Disable Cloud Backups (If You Care About Privacy)
The end-to-end encryption is awesome, but there’s one loophole: WhatsApp backs up chats to Google Drive or iCloud. That way, if you reinstall it later, you can retrieve your old messages. But this backup isn’t encrypted.
So if you really care about your privacy, then that’s something you need to disable. Remember, storing your data with Apple and Google might not protect you against eavesdropping by governments.
To disable automatic cloud backups:
- On iPhone: Go to WhatsApp > Settings > Chats > Chat Backup > Auto Backup > Off
- On Android: Go to WhatsApp > Menu > Settings > Chats > Chat Backup > Backup to Google Drive > Never
6. Beware of Common Scams
Since it’s an instant messenger, you might get some scams on WhatsApp periodically. You need to know some of the popular ones and not fall for them.
— Hamza Jeetooa (@hamzajeetooa) September 28, 2016
The most persistent ones talk about a premium version of WhatsApp, “WhatsApp Gold,” or your account expiring. No matter how it’s worded, the scam is about making you pay for WhatsApp. It shouldn’t need to be said, but don’t ever pay money for WhatsApp. The company has made it clear that WhatsApp will forever be free.
Read up on the most common WhatsApp scams so you know what to avoid.
7. Get the Official WhatsApp Desktop Apps
To use WhatsApp on your computer, you need to sync your phone with either WhatsApp Web or the WhatsApp desktop apps. To be on the safe side, get the official desktop app.
The main reason for this is that WhatsApp Web can be easily manipulated, the Electronic Frontier Foundation says. It’s one of the biggest security threats WhatsApp users are facing. And when the EFF wrote that report, the recommended solution was to provide desktop clients.
Sure, the WhatsApp desktop client is only second best and there are better options. But don’t trade in security for a few extra features.
Download: WhatsApp for Windows or Mac (Free)
8. Protect Your Privacy on WhatsApp
WhatsApp isn’t the most private messenger out there, but it gives users at least some control. Go to Settings > Account > Privacy to see everything at your disposal.
You can control who can see your Last Seen, profile photo, about, status, and live location. You can also turn off Read Receipts here, so the blue check marks are switched off.
There’s no recommendation here, you can choose what works best for you. To learn more, here’s everything you need to know about WhatsApp privacy settings and how to keep your photos safe on WhatsApp.
Do You Think WhatsApp Is Safe and Private?
Even with all these features, you should know that WhatsApp isn’t completely secure. In fact, there are other more secure communication apps you can try instead. But for 99 percent of regular users, WhatsApp’s security protocols should be good enough.
And if you snag the WhatsApp desktop app, take a look at some of our tips for chatting with it:
Image Credit: sdecoret/Depositphotos