Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

WhatsApp Launches Strict Account Settings for High-Risk Users

MacRumors

MacRumors

macrumors bot
Original poster
Apr 12, 2001
70,805
42,786


WhatsApp is rolling out a new optional security feature called Strict account settings, which is designed to protect users who may be targeted by sophisticated cyberattacks.

whatsapp-strict-account-settings.jpg

Similar in spirit to Apple's Lockdown Mode for iPhone, the feature is aimed primarily at journalists, activists, and public-facing figures. Once enabled, the setting locks various account options to their most restrictive settings.

For example, WhatsApp will automatically block attachments and media from senders who aren't in your contacts, reducing potential vectors for spyware or malicious files. Here's WhatsApp's support explanation about other settings that are impacted:
  • Account security: Two-step verification is turned on. Security notifications are turned on and locked. End-to-end encrypted backups are encouraged for users with backups enabled.
  • Messaging and media: Link previews are turned off. Blocking high volumes of unknown account messages is turned on.
  • Profile and presence: Your Last seen and online, Profile photo, About details, and links on your profile are locked to contacts only or to your pre-established, more-selective list of people.
  • Groups: Only known contacts or a pre-established, more-selective list of people can add you to groups.
Click to expand...
Strict account settings can be found in Settings ➝ Privacy ➝ Advanced. When it shows up for you could depend on your location, as WhatsApp says the rollout is happening gradually over the coming weeks. Bear in mind that you can't control Strict account settings from WhatsApp Web – it can only be accessed from your primary device.

WhatsApp also noted that it has transitioned parts of its codebase to Rust, a programming language known for its memory safety features. The company says this change helps protect photos, videos, and messages from spyware. More technical details are available on Meta's engineering blog.

Article Link: WhatsApp Launches Strict Account Settings for High-Risk Users
 
Article Link
https://www.macrumors.com/2026/01/28/whatsapp-launches-strict-account-settings/
  • Haha
Reactions: Z-4195
Dreamweaver12 said:
Sorry - can any of the more advanced Whatsapp users help me find the setting that stops Meta from digesting the contents of my messages?
Click to expand...
Sure, you just press and hold the app icon, click the red “Remove App” option and click confirm the warning this will delete all data.

In the words of Ripley in Aliens, (with anything Meta/FB) it’s the only way to be sure.
 
  • Haha
  • Like
  • Love
Reactions: Bigg Macc, lxmeta, marte91 and 6 others
Dreamweaver12 said:
Sorry - can any of the more advanced Whatsapp users help me find the setting that stops Meta from digesting the contents of my messages?
Click to expand...

Any source on that claim? Messages are end to end encrypted. They "only" know, who's writing who but not it's content. In fact, WhatsApp had encrypted messaging cloud backups before iMessage
 
  • Like
  • Haha
Reactions: Letrix, lxmeta, Z-4195 and 3 others
Veinticinco said:
Sure, you just press and hold the app icon, click the red “Remove App” option and click confirm the warning this will delete all data.

In the words of Ripley in Aliens, (with anything Meta/FB) it’s the only way to be sure.
Click to expand...

I was literally about to make the same joke about just deleting WhatsApp.

lTkwSSF.gif


More seriously, Meta claims that private conversations are encrypted and only conversations with business accounts can be rifled though. There was a whole thing years ago about them forcing users to accept the new ToS but you could dismiss the request every time you opened WhatsApp.
 
iZac said:
I was literally about to make the same joke about just deleting WhatsApp.

View attachment 2599763

More seriously, Meta claims that private conversations are encrypted and only conversations with business accounts can be rifled though. There was a whole thing years ago about them forcing users to accept the new ToS but you could dismiss the request every time you opened WhatsApp.
Click to expand...
Great minds eh.

It’s funny because it’s true. I was a WhatsApp user before Zuckerberg got his sweaty little palms on it, and despite the E2E encryption assurances (that they’ve quietly tried to circumvent several times now), I no longer have any absolute trust in the platform and use it accordingly. You’re also right in that they definitely snoop on messages from business accounts, that alone makes you wonder if they do the same with personal accounts.
 
AlanMarron said:
Awesome. WhatsApp is the default messaging app in Latin America because of interoperability. Medical appointments, etc are done through WhatsApp.
Click to expand...
That’s weird because the very last thing I’d open up to Meta servers is my medical appointments. In fact, I use it for nothing other than friends and acquaintances (like school parent groups, which I mute and archive for my own sanity).
 
  • Haha
  • Like
Reactions: Letrix, marte91 and Z-4195
Veinticinco said:
That’s weird because the very last thing I’d open up to Meta servers is my medical appointments. In fact, I use it for nothing other than friends and acquaintances (like school parent groups, which I mute and archive for my own sanity).
Click to expand...
Do you live in Latin America?
 
Good to see these advanced security measures. I don't use the app much and definitely not planning on turning this feature on.
 
  • Like
Reactions: mganu
Veinticinco said:
Obviously not. What’s your point? That nobody in LatAm region can effectively opt out of managing their healthcare via WhatsApp? I seriously doubt that. It’s a choice that’s made for convenience only, but I guess some people don’t take their private and confidential data seriously.
Click to expand...
Have you received medical care in Mexico?
 
Veinticinco said:
Obviously not. What’s your point? That nobody in LatAm region can effectively opt out of managing their healthcare via WhatsApp? I seriously doubt that. It’s a choice that’s made for convenience only, but I guess some people don’t take their private and confidential data seriously.
Click to expand...
I guess that you actually have no experience with medical care in Mexico.

Unlike the USA, the only times that I’ve had to provide a government-issued ID is at a hospital (because hospitals insist on payment) or at a clinic that receives a subsidy.

My caregivers have never asked for an ID. I have given them my real name, but I could have said/wrote Juan Quincy Adams and they would have never known of the misrepresentation. Further, I pay in cash and either get no receipt or a hand written receipt.

I am handed all my X-rays, lab reports, MRI discs, 30-second EKGs, and more. They’re about me and belong to me.

Shall I list the medications that I’ve bought in Mexico without an Rx or ID? Browse https://www.farmaciasguadalajara.com/ for a sample of what can be bought.

I suggest that Americans are the ones who are forced into surrendering their medical anonymity. They think that they’re protected by HIPAA, but what it actually guarantees is that the medical industrial complex knows all about them.

My use of WhatsApp for a medical appointment is a big nothing in comparison. A government Ai bot can see that I saw Dra. Blanca but that’s all that they know.
 
AlanMarron said:
I guess that you actually have no experience with medical care in Mexico.

Unlike the USA, the only times that I’ve had to provide a government-issued ID is at a hospital (because hospitals insist on payment) or at a clinic that receives a subsidy.

My caregivers have never asked for an ID. I have given them my real name, but I could have said/wrote Juan Quincy Adams and they would have never known of the misrepresentation. Further, I pay in cash and either get no receipt or a hand written receipt.

I am handed all my X-rays, lab reports, MRI discs, 30-second EKGs, and more. They’re about me and belong to me.

Shall I list the medications that I’ve bought in Mexico without an Rx or ID? Browse https://www.farmaciasguadalajara.com/ for a sample of what can be bought.

I suggest that Americans are the ones who are forced into surrendering their medical anonymity. They think that they’re protected by HIPAA, but what it actually guarantees is that the medical industrial complex knows all about them.

My use of WhatsApp for a medical appointment is a big nothing in comparison. A government Ai bot can see that I saw Dra. Blanca but that’s all that they know.
Click to expand...
Firstly, I’m European not American meaning all your assumptions here are irrelevant. So medical care in Mexico is all offline and tests, lab reports, imaging etc are all physical hard copy only? I seriously doubt that.

As an MD myself, it’s interesting you feel comfortable that your entire clinical history is off-grid and prescription medication supply is under the table. I’m not sure how that benefits continuity of care or clinical oversight of any long-term health conditions, but hey, that’s your choice. Your right to privacy (from govt, state healthcare and/or insurance companies) is commendable which is why it just seems odd that you would then use WhatsApp for medical appointments. Why not phone or even email?

If these clinics (assuming they’re legit) have WhatsApp business accounts, then all your messages, details of appointments, who you’re seeing and how often, plus any cross-referenced content (links to documentation) are accessible by Meta, whose entire business model as we all know, revolves around selling your private and identifiable data to whomever pays them. Your anonymity comfort blanket is just that.
 
Last edited:
AlanMarron said:
Shall I list the medications that I’ve bought in Mexico without an Rx or ID? Browse https://www.farmaciasguadalajara.com/ for a sample of what can be bought.
Click to expand...
Please feel free to share. Without an ID is fine, but without an Rx?! 😳 You state this like it’s a good thing. Prescription-only medications are legally categorised as such and controlled with very good reason that has nothing to do with data privacy.
 
Last edited:
Veinticinco said:
Firstly, I’m European not American meaning all your assumptions here are irrelevant. So medical care in Mexico is all offline and tests, lab reports, imaging etc are all physical hard copy only? I seriously doubt that.

As an MD myself, it’s interesting you feel comfortable that your entire clinical history is off-grid and prescription medication supply is under the table. I’m not sure how that benefits continuity of care or clinical oversight of any long-term health conditions, but hey, that’s your choice. Your right to privacy (from govt, state healthcare and/or insurance companies) is commendable which is why it just seems odd that you would then use WhatsApp for medical appointments. Why not phone or even email?

If these clinics (assuming they’re legit) have WhatsApp business accounts, then all your messages, details of appointments, who you’re seeing and how often, plus any cross-referenced content (links to documentation) are accessible by Meta, whose entire business model as we all know, revolves around selling your private and identifiable data to whomever pays them. Your anonymity comfort blanket is just that.
Click to expand...
The WhatsApp messages typically don’t contain anything but the reminder of an appointment without details. (Our attorney attaches everything!)

Labs are mailed to my Gmail account, which is a complete data leak, however, I was an early adopter of Gmail when it was by invitation, so there’s nothing that authorities don’t already know about me.

I’ve been handed X-rays and MRI discs, etc. Anything that is generated during a visit is handed to me on the spot. Many practitioners in private practice have no staff, so record keeping is the responsibility of patients, not a file clerk.

I’m glad that you identified yourself as an MD—a valuable profession. Continuity of care is a big deal but is a bit of a myth in the USA. My hospitalist buddy says that he does great work in hospital but things frequently fall apart when a patient is discharged.

Lastly, you and I probably have a very deep seated difference of opinion about the acceptance of government controls on what a person puts in his/her body. Should I mention that my internist friend says he always removes many of the Rx’s from a patient’s schedule?

Thanks for caring enough to drill down on this. This has walked afar from WhatsApp but I hope that individuals are helped by seeing that medical care varies from country to country.
 
This is ironic, considering Meta are being investigated for their “normal” account privacy at the same time:

www.theguardian.com

US authorities reportedly investigate claims that Meta can read encrypted WhatsApp messages

A lawsuit filed last week alleges tech firm ‘can access virtually all’ private communications, a claim the company has denied
www.theguardian.com www.theguardian.com

news.bloomberglaw.com

US Has Investigated Claims WhatsApp Chats Aren’t Private (1)

US law enforcement has been investigating allegations by former Meta Platforms Inc. contractors that Meta personnel can access WhatsApp messages, despite the company’s statements that the chat service is private and encrypted, according to interviews and an agent’s report seen by Bloomberg News.
news.bloomberglaw.com news.bloomberglaw.com

If Apple were smarter, they could use the momentum to port iMessage and FaceTime to Android.
 
Last edited:
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back