The security offered by WhatsApp is one of the reasons it is used by so many people, but it is hard for any piece of communications software to be considered too secure – or even secure enough.
Some beta testers of the app have spotted signs that WhatsApp is currently working on further boosting the security it offers. When the feature is complete, it will enable users to add an extra layer of protection with an alphanumeric password.
The optional password comes in addition to the existing system of two-factor authentication, but at the moment it is not quite clear when it may be released to the general public.
The new security feature was spotted by WABetaInfo which shares the news:
WhatsApp is adding an extra layer of security to the registration process by introducing account passwords. The account password is an alphanumeric string that users can choose to set in the app settings. It must be 6 to 20 characters long and include at least one letter and one number. Once set, WhatsApp will indicate whether the chosen password is strong enough. It’s worth noting that users will be able to update or remove their password at any time, providing flexibility and control over their account security. Additionally, setting an account password is entirely optional, so users can decide whether they want this extra layer of protection.
The site goes on to explain a little about how the yet-to-be announced feature will work: “The account password is always required after entering a 6-digit verification code during login. For example, if the user has set up an account password but not two-step verification, WhatsApp will ask the user to enter their account password. If the user has also set up two-step verification, they will first need to enter the 2FA code and then enter their account password. This ensures that even if someone obtains the 6-digit code and the 2FA code, they cannot access the account without the password. In reality, there is no evidence that an unauthorized user could also obtain the two-step verification code, so this situation remains unlikely for now”.
WABetaInfo goes on to say:
WhatsApp plans to introduce passwords to maximize account security in a future update. Passwords add an extra layer of protection beyond the 6-digit verification code, making it harder for unauthorized users to access accounts. This significantly reduces the risk of account takeover, as even if a malicious actor obtains the verification code through SIM swapping or if the device was hacked, they would still need both the two-step verification code and account password to gain access. As a result, account passwords will make it even more difficult for attackers to bypass authentication.
Does this seem like a useful protection tool that you will use? Share your thoughts in the comments below.
