Popular messaging service WhatsApp offers users of its latest version an additional layer of security with so-called two-factor authentication (2FA). By entering a six-digit PIN code, they can protect their accounts from being taken over by an attacker.
Previously, a single text message with a code sent when registering an account was the sole line of defence, enabling tech-savvy attackers to gain access to the account with a copied SIM card and the intercepted message.
With the new security solution, the attackers would also need to know the PIN set by the user.
In order to set up the 2FA protection, users must call up the settings and select the “Verification in two steps” option. Now they can choose a six-digit code, which they should take care not to forget. An e-mail address can also be saved.
As reported by t3n.de, moving the WhatsApp account to a new phone with 2FA enabled will only be possible if the six-digit code is entered. In addition, the app regularly asks for the security code – to help users keep it in mind.
A small back door is also available to forgetful people: If you entered your e-mail address when setting up 2FA, you will be able to deactivate the safety mechanism if necessary.
-dpa