WhatsApp chats are more than just simple texts. We all know about it. We share photos, videos, bank account details, contacts and what not on WhatsApp. And with so much personal data, the main idea of creating WhatsApp was to come up with a way in which you can connect with your family and friend through an instant-messaging app, however, in recent years, it has also become one of the most popular mediums or sharing media and documents. You might be using WhatsApp for a long time but when it comes to ‘how to secure your WhatsApp account’, there are some simple tips or measures that you need to follow in order to ensure that your WhatsApp date stays secure. With the introduction of end-to-end encryption in 2016, WhatsApp made sure that the message details do not fall into wrong hands. But then, that’s not the end of the bargain. There are many steps that we, as users, should take to make it more secure.
The problem is When exchanging private communications with someone, you can never be 100% certain that the person on the other end of that communication is who they purport to be. The “last mile” that ensures that you are communicating with the person whom you think you are communicating with requires that you meet that person face-to-face. This is true of all encryption mechanisms.
Two-factor authentication or 2FA is one of the most important online security measures and if a service supports it, you should avail it. Two-step verification adds a periodic passcode to your WhatsApp account and also ensures that your WhatsApp data can’t be by anybody else.To activate Two factor authentication or 2FA, go to Menu > Settings > Account > Two-step verification > Enable. After following these steps, you will be asked to create a six-digit passcode code which you can easily remember, however, you can also your email address in order to retrieve the PIN in case you forget it.
The web version of WhatsApp has not only made reading and replying to messages easier, but it also lets you access your messages even if your android isn’t in near sight. All you have to do is log in once using the QR code. Simple. In a not-so-rosy scenario, if you forget to log out from a public computer, all your messages and pictures can be read by a stranger. You wouldn’t want that, would you? That’s when the Log out from all computers option comes in handy. Tap on it and all your existing WhatsApp web sessions will be terminated immediately.
Even though WhatsApp encrypts all chats by default, sometimes you want to double-check. It’s good practice to do that while sharing sensitive information like a credit card number with a trusted contact. To verify the encryption, start a conversation with that contact. In the chat window, tap the contact’s name, and then tap Encryption. You’ll see something like this:
This 40-digit pattern is your security code. You can verify this code manually by comparing the digits, asking the contact to scan that QR code, or scanning your contact’s code with the “Scan Code” button. As security researcher Martin Shelton notes, it’s best to use a different messenger to verify that these numbers match.
As mentioned above, WhatsApp comes with end-to-end encryption, however, this also means that WhatsApp backs up all the chats to the Google Drive for Android users or iCloud for iOS users. This further means that if you reinstall your WhatsApp account later, you can retrieve all your chat backup messages, but, it should be noted that it is not encrypted and if you care about your Privacy, you should disable this option.To disable automatic cloud backups on Android, Go to WhatsApp > Menu > Settings > Chats > Chat Backup > Backup to Google Drive > Never. To To disable automatic cloud backups on Android iOS, Go to WhatsApp > Settings > Chats > Chat Backup > Auto Backup > Off.
When a new phone or laptop accesses an existing chat, a new security code is generated for both phones. And WhatsApp can send a notification when the security code changes. This way, you can check the encryption with your friend over a different messenger, ensuring its security.
To turn on security notifications, go to WhatsApp > Settings > Account > Security > Show security notifications and flip the toggle to green, as pictured above.
The main contributor to WhatApp’s meteoritic rise was the fact that anybody can be texted if you just have the contact number. The downside of this feature is that your wonderful profile picture can also land in the wrong hands. All they need is your contact number. It can happen almost certainly that a profile picture that you have on WhatsApp is linked with the one from a social network, or that it is located on the site of a company. In this case, if your image is publicly available, the hacker can use it, search for you on the Internet through the services of Google’s image search and get into possession of your valuable and personal data.
It is therefore advised that the picture is only visible to people you have in your contact list, or shared among the people you know. This option is easy to configure on the application, in all its versions. Good news is, this can be easily averted if the access to the profile picture is restricted. Head over to Privacy and switch from the default Everybody option to the more friendly My contacts. From now on, only the contacts which you have saved will be able to see your profile picture.
Not sure you want people to know when you’re coming on and offline? It may not seem like vital information, but if a scammer already knows some other things about you, adding that last piece of contextual information could prove useful to them – whether you’re awake or not; at home or overseas; coming out of the cinema or getting off a flight. Or you just might not want contacts – especially colleagues, or your boss – to know you’re checking WhatsApp at your desk. You can disable or restrict who sees your ‘last seen’ time in WhatsApp’s ‘Profile’; ‘Privacy’ menu.
However, when someone is trying to hack your account, this information could be of high importance if you were last seen in a few hours, and you will be absent for a long time and hence you would be powerless to protect your account. On the other hand, hide “last active” labels may simply mean the preservation of your privacy on the additional level. Settings for this option can be changed in each version of the WhatsApp application.
WhatsApp itself will never contact you through the app. Also, WhatsApp does not send emails about chats, voice messages, payment, changes, photos, or videos, unless you email their help and support, to begin with. Anything offering a free subscription, claiming to be from WhatsApp or encouraging you to follow links in order to safeguard your account is definitely a scam and not to be trusted. WhatsApp is fast turning into a den of suspicious links, misleading contents and a magnet for phishing scandals.
One should always avoid sending personal data like phone number, credit card details, address, or e-mail addresses through WhatsApp because such information is already known to your close friends and moreover, it should not be accessible to anyone. It is also recommended to install a VPN which will help you in encrypting your internet traffic while also ensuring that the data passing from your device cannot be intercepted, especially when you are using public Wi-Fi.
In an unfortunate incident of a lost or stolen phone, make sure that the WhatsApp account is also deactivated along with the SIM deactivation. WhatsApp offers users simple and effective security tips to keep control of your account if your phone is lost or stolen. As well as locking your SIM card through your network provider, WhatsApp recommends that you immediately activate WhatsApp with the same phone number on a different phone, with a replacement SIM. The app can only be used by one number on one device at a time, so by doing so you instantly block it from being used on your old phone. If that’s not possible, WhatsApp can deactivate your account.
use common sense you would with any form of digital communication. Don’t send personal information if you can possibly avoid it, like addresses, phone numbers, email addresses and never send your bank, social security or credit card details, or your passport or other identifying details.