How to keep your account from getting hacked
open allWhat for: So you do not get hacked.
Two-Step Verification helps secure your data when cybercriminals copy your SIM card or attempt to intercept the text message with the confirmation code to log in to your account. If this option is on, WhatsApp will additionally request a six-digit PIN when you verify your phone number, for example, when you log in on a new device.
To enable PIN-based Two-Step Verification:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Account section;
- Select the Two-Step Verification item;
- Tap Enable. Enter the six-digit PIN that WhatsApp will require when an attempt is made to confirm the phone number. Important! Do not use a simple combination that can be guessed easily, such as 123456 or 111111;
- Enter the same six-digit PIN again;
- The app offers you to add an e-mail address. If you forget the PIN, a PIN reset link will be sent to this address;
- Enter your existing e-mail address. You'll get a confirmation e-mail in your inbox within seconds. You can follow the link in the e-mail body or enter the six-digit code from the message in the app.
You can change the PIN any time:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Select Account;
- Tap Two-Step Verification;
- Tap Change PIN;
- Enter a new PIN code twice.
You can also change or remove your e-mail address:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Select Account;
- Tap Email Address;
- Tap Change in the upper right corner of the screen:
- If you need to change the address, remove the old one and type in a new one;
- Tap Next;
- You'll get a confirmation e-mail in your inbox within seconds. You can follow the link in the e-mail body or enter the six-digit code from the message in the app;
- To delete e-mail address, tap Remove in the upper right corner of the screen;
- Tap Remove to confirm your selection.
Downside: WhatsApp will prompt you from time to time to enter your PIN while you use the app.
What for: To get an added level of protection against unauthorized access.
WhatsApp can be set to request Face ID for login confirmation. You can enable this feature if other people have access to your phone and you don't want them to read your correspondence or to modify settings:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Privacy section;
- Tap Screen Lock. If that menu item is inactive, turn on Face ID in the device settings first;
- Turn on Require Face ID;
- Select when the verification will be required after the screen gets locked — you may have to return to the previous menu and then select Screen Lock again:
- Instantly;
- After 1 minute;
- After 15 minutes;
- After 1 hour.
What for: To be sure you're communicating with your contacts, not cybercriminals.
WhatsApp encrypts your correspondence by default, so even if someone intercepts your messages, they will not be able to read them.
The messenger generates unique encryption keys for every chat. These keys change from time to time: for example, if you reinstall the app, change your device or phone number, or don't use WhatsApp for a long time.
Encryption keys are extremely difficult to steal. However, on the rare occasions a cybercriminal can “spoof” your contact's identity while interacting with your app and report an encryption key change, they gain the ability to read your subsequent chat messages (but not your older messages).
WhatsApp can notify you about an encryption key change for specific chats. As a result, you can reach your contact through a different channel (e. g., call, send a text message or a message through a different messenger) and make sure that you are still corresponding with the same person.
To enable security notifications:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Account section;
- Select Security Notifications;
- Turn on Show Security Notifications on This Phone.
From now on, a relevant notification will appear together with the nearest chat message after the encryption key change. After receiving the notification, send your contact a message that contains no personal information and ask through a different channel whether they received it.
What for: To keep strangers from reading your correspondence.
If you open the Web version of WhatsApp on a public computer and forget to log out of it, strangers will be able to read your correspondence and send messages on your behalf. To prevent this, check the list of active devices in the mobile app and terminate the sessions you don't need:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Linked Devices section;
- If you have active WhatsApp sessions on other devices, you will see a list of those. Select the devices you want to deactivate and tap Log Out.
How to prevent your personal data from being exposed
open allWhat for: To keep strangers from reading your messages on the locked device.
WhatsApp messages can appear on the screen of your phone even when it is locked. If you lose your phone or leave it unattended, strangers will be able to read these messages. We recommend hiding text of messages from notifications and disabling notifications on the locked screen.
To stop notifications from showing the message text:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Notifications section;
- Turn off Show Preview.
To stop the app from showing notifications on a locked screen:
- Open the Settings menu on your device;
- Go to the Notifications section;
- Go to Notification Style and select WhatsApp;
- Clear the Lock Screen check box.
Downside: You'll have to unlock the screen every time you want to read your messages.
What for: To prevent the next owner of the number from accessing your correspondence.
The WhatsApp account is linked to a phone number. When you change the number, the system creates a new account. The account linked to your old number will remain active for 45 more days from the time of the last launch of the app. Your old number will be sold to a new owner sooner or later, and if they log in to WhatsApp, they will see your profile photo and account details. To prevent strangers from accessing this information, use the number change feature.
Please note: Before moving your account, you have to log in on the device and then insert the SIM card with the new number into the device.
To change the phone number linked to the account:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Account section;
- Select Change Number;
- Read the instructions and tap Next;
- Enter the old and new phone numbers;
- Tap Next;
- If necessary, enable the Notify My Contacts option and select the contacts to be notified about your number change (bear in mind that contacts in groups that you manage will receive a notification anyway):
- All Contacts;
- Contacts I Have Chats With;
- Tap Custom… to manually select the users you need.
- Tap Done and confirm your number;
- You'll get a call or text message with a six-digit code. Verify your phone number by entering the code.
The number change feature lets you import your profile info and settings into the new account. You will also retain access to your chat history, but only for as long as you use the same device as before.
What for: To add an extra layer of protection to your most secret chats.
WhatsApp lets you lock chats. Locked chats are kept in a separate folder to open which you have to verify your identity.
Please note: You have to set up screen unlock with Face ID on your device before you can use this feature. Besides, the chat will only be locked on the device where you used the feature. The chat will not be locked when you open WhatsApp on another phone or linked device, such as a computer.
To move one or several chats to the Locked Chats folder:
- Tap the chat you want to lock and hold it to open the menu;
- Tap Lock Chat;
- Tap Continue;
- Verify your identity with Face ID.
You can hide the Locked Chats folder in the chat list:
- Go to the Locked Chats folder. The app will ask you to verify your identity;
- Tap Settings in the upper right corner of the screen;
- Turn on Hide Locked Chats;
- Tap Create Secret Code;
- Type the code you came up with in the Secret Code field and tap Next;
- Enter the code again to confirm. Tap Done.
Now, to show the Locked Chats folder, enter the secret code in the search bar at the top of the screen. You can deactivate the feature in the folder settings any time.
To move the chat out of the Locked Chats folder:
- Enter the Locked Chats folder at the top of the chat list. The app will ask you to verify your identity;
- Tap the chat you want to move to the general folder and hold it to open the menu;
- Tap Unlock Chat;
- Verify your identity with Face ID.
What for: To make messages in new chats disappear with time.
If you'd rather not keep chat history, you can set a time after which all messages in new individual chats will disappear without a trace both for you and for the other person:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Select Privacy;
- Scroll down and tap Default Message Timer;
- Select a period to keep messages in new chats.
You can also turn this on in an existing chat:
- Open the chat with the relevant contact on the Chats tab;
- Tap the contact name to open the menu;
- Tap Disappearing Messages;
- Select a period.
Downside: The other person in the chat can turn disappearing messages on or off as well. A message forwarded from a chat where a default timer is set to another chat won't disappear after the preset period.
What for: To keep WhatsApp from saving files from chats on your phone.
By default, photos and videos you receive in WhatsApp are stored in the phone memory. Since files from your correspondence can be private, we recommend disabling this feature.
To stop showing photos and videos from WhatsApp in the Photo app:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Chats section;
- Disable the Save to Camera Roll option.
You can also remove previously saved media from the chat and the device. Please note: To see the photo or video in the chat again, you'll have to download it manually — and it won't be saved to the gallery then. If the other person also removes the files from their phone, you won't be able to view the files again.
To remove media from the chat and the device:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Storage and Data section;
- Select Manage Storage;
- Select the contact whose correspondence data you want to remove;
- Select the data to remove;
- Tap Clear and confirm your selection.
What for: To keep people you don't want to share data with from seeing it.
By default, any person who has your phone number can view your WhatsApp profile info, message read receipts, as well as your online status and the time of your last visit. If you do not want strangers to view this info, you can hide it or restrict viewing.
To limit the visibility of your personal info:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Select Privacy;
- Select My contacts or Nobody in the sections:
- Last seen and online;
- Profile photo;
- About.
- Disable the Read Receipts option.
Keep in mind that read receipts cannot be disabled in group chats.
Downside: If you disable the display of read receipts, you will also stop seeing read receipts from other users.
What for: To stop strangers from seeing information that is not intended for them.
WhatsApp status is a short note that is visible to other WhatsApp account owners for 24 hours after publication. By default, your status is visible to all registered app users, which may include cybercriminals and other people with whom you don't wish to share your personal information. We recommend limiting the visibility of your status:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Select Privacy;
- Tap Status;
- Select My contacts except… to prevent specific users from viewing your status;
- Select Only share with… to let only selected users view your status.
- Tap Done.
What for: To keep scammers from getting a hold of your unencrypted backup.
WhatsApp can create and regularly update a backup copy of your chats in iCloud. However, this copy is not encrypted and can end up in the hands of cybercriminals if it gets leaked or the storage gets hacked. Backup feature is disabled by default. However, we still recommend checking the settings.
To disable backups of your chats in iCloud:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Chats section;
- Select Chat Backup;
- Tap Auto Backup;
- Select the check mark next to Disabled.
Downside: A copy of the chats will be stored on your phone only. When you change devices, you'll have to move over chats manually, and if your device gets lost or stolen, you won't be able to restore your chats.
What for: To view all your data in one place, remove what you don't need, and make a backup of what you do.
You can download a file with correspondence from all your WhatsApp chats. This will help you restore them in case your phone number or device changes or if your account gets blocked or removed:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Chats section;
- Tap Export Chat;
- Select the chat messages from which you want to save;
- Tap Without Media if you want to download only the text of messages, or tap Attach Media if you want to include photos and videos in the archive;
- Select the app or service where the archive will be sent. This can be an e-mail client, a cloud storage, or another messenger. You can also download an archived chat copy to your device or copy it to the clipboard.
Keep in mind that this allows you to receive only the archive of correspondence stored on your device. For security considerations WhatsApp does not store delivered messages on its servers after delivery. Undelivered messages are stored on a server for 30 days and then deleted. So if you have changed your device or removed chat messages, your archive will be incomplete.
You can also receive a file with your account data such as profile photo and chat names.
To download the archive:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Account section;
- Select Request Account Info;
- Tap Request Account Report.
A report containing requested data will be generated in the space of several days. You can view the file readiness date in the same section. A link to the report will appear there later.
What for: To keep a malicious actor from finding out where you are.
The other party on a WhatsApp call can find out your IP address, which sometimes can be used to determine your location. The messaging app helps to additionally protect the caller's IP address during calls made through the app. If you turn on this feature, calls will be relayed through WhatsApp servers, which will keep malicious actors from tracking your whereabouts.
Please note: Group calls are always relayed through WhatsApp servers, so you don't need to enable the option just to protect those.
To hide your IP address:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Select Privacy;
- Scroll down the page and tap Advanced;
- Turn on Protect IP address in calls.
Downside: Call quality may be reduced, as connections won't be made directly.
What for: So no one knows where you are.
You can share your location in WhatsApp chats or even let the other person track where you are in real time. If you'd like to stop the people you chat with from knowing where you're going, you can check any time which chats the feature is enabled in and turn it off:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Select Privacy;
- Scroll down the page and tap Live Location;
- If you are sharing your geolocation at least in one chat, you will see a list of chats. Tap Stop Sharing to turn off geolocation sharing in all chats at once;
- Tap Stop Sharing again.
How to defeat spammers and trolls
open allWhat for: To keep out spam.
Any WhatsApp user who knows your phone number can send you a message. If you have been targeted by fraudsters or spammers, you can block the unwanted users. You can also block users from whom you do not want to receive messages for any other reason.
Blocked users will not know you've denylisted them. They will not be able to call you or view your status updates, and any messages they send will be marked as undelivered. You will not see those messages at all.
To block a user:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Select Privacy;
- Tap Blocked;
- Tap Add New… and select the contact you wish to block.
After you block a user, you will not see their status updates or the time when the user was last online.
To unblock a user, tap the user's name or phone number in the list and then tap Unblock.
What for: To avoid getting unwanted messages.
If a WhatsApp user has your phone number, they can add you to a group. By default, your permission is not required. You can change these settings and specify who can add you to groups:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Tap Privacy;
- Select Groups;
- Select an option:
- Everyone. This option lets all users, even those who are not in your contact list, add you to groups;
- My contacts. Only users in your contact list will be able to add you to groups without your permission. Everyone else will be asked to send a request, which you'll have three days to accept or deny;
- My contacts except... Your contacts, with the exception of those you specify, will be able to add you to groups without your permission. Excluded contacts and users not in your contact list will be asked to send a request.
What for: To avoid being distracted by unwanted calls.
Any user who has saved your number can call you on WhatsApp. It can be a store where you've had a loyalty card issued for you or spammers who got your number as a result of a data leak. If you don't want to be disturbed by calls like that, you can silence them. You'll still see calls from unknown numbers on the Calls tab or in notifications, so you'll know about them, and you'll be able to call back should you need to do so.
To silence calls from unknown numbers:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Tap Privacy;
- Scroll down the page and tap Calls;
- Turn on Silence Unknown Callers.
Downside: You won't hear calls from callers who are not on your contact list but who may be important to you, such as couriers.
How to get rid of unwanted notifications
open allWhat for: To minimize distractions.
If you correspond often in WhatsApp, sound alerts about every new message can get annoying. You can disable sound alerts for chats with specific users, group chats, or all messages.
To disable sound alerts for a specific chat:
- Select a chat on the Chats tab;
- Tap the chat name at the top of the screen;
- Tap Mute;
- This opens a menu where you can choose how long to keep chat notifications muted.
To disable sound alerts for all group chats:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Notifications section;
- In the Group Notifications section, tap Sound;
- Tap Not Selected;
- Tap Save.
To disable sound alerts for all messages:
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Go to the Notifications section;
- In the Message Notifications section, tap Sound;
- Tap Not Selected;
- Tap Save.
You can also mute sounds played for alerts and prompts.
- Open Settings by tapping the cogwheel icon in the bottom right corner of the screen;
- Select Notifications;
- Go to the in-App Notifications section;
- Turn off Sounds and Vibrate.