Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

MacRumors

macrumors bot
Original poster
Apr 12, 2001
67,845
38,493



whatsapp.jpg
WhatsApp is in the process of rolling out a two-step verification feature for the messaging platform from today. The security option has been in testing for several months, but is finally going live for all users of the app.

With the optional feature, WhatsApp users will be able to securely verify their number with a custom-generated six-digit passcode whenever they install the app on a new device. To activate the security feature, users should open the app and tap through to Settings -> Account -> Two-step verification -> Enable.

Upon enabling the feature, users are asked if they want to enter their email address. This is used by WhatsApp to send a link via email to disable two-step verification in case the six-digit passcode is forgotten, and also to help safeguard the account.

To help users remember their passcode, WhatsApp will periodically ask them for it. There is no option to disable this without disabling the two-step verification feature.

WhatsApp is available as a free download on the App Store for iPhone. [Direct Link]

Article Link: WhatsApp Rolling Out Two-Step Verification Security Feature to All Users
 
Collecting email addresses to better match people to existing data?

Seems very likely. If a Facebook user opted out of sharing data with WhatApp, but uses the same mail address for 2FA, it's now possible to identify him on WhatsApp. Heck, they could even try to match the telephone numbers of the people most talked to on WhatsApp with the profiles most talked to on Facebook to create even larger databases about the people who never opted in to data sharing. It's sad to see that privacy is being attacked more and more. And in a not too distant future you'll have to have a good Facebook profile to be allowed to travel, just like that Black Mirror episode and everybody will be wondering how it all came to this...
 
Seems very likely. If a Facebook user opted out of sharing data with WhatApp, but uses the same mail address for 2FA, it's now possible to identify him on WhatsApp. Heck, they could even try to match the telephone numbers of the people most talked to on WhatsApp with the profiles most talked to on Facebook to create even larger databases about the people who never opted in to data sharing. It's sad to see that privacy is being attacked more and more. And in a not too distant future you'll have to have a good Facebook profile to be allowed to travel, just like that Black Mirror episode and everybody will be wondering how it all came to this...

Email is optional!
 
  • Like
Reactions: makr
Email is optional..

I see you insist on making this point to everyone individually. Yes, email is optional, but it is the easier, more stable, less memory-dependent/human error-prone option. If they seriously values privacy, they would have gone with an authenticator application, and so would Facebook. Why force users to choose between trust-your-memory-to-never-fail-you vs give me your email address?

Seriously, f*** WhatsApp and f*** Facebook.
 
I see you insist on making this point to everyone individually. Yes, email is optional, but it is the easier, more stable, less memory-dependent/human error-prone option. If they seriously values privacy, they would have gone with an authenticator application, and so would Facebook. Why force users to choose between trust-your-memory-to-never-fail-you vs give me your email address?

Seriously, f*** WhatsApp and f*** Facebook.
iMessage for Android can't come soon enough. F*** WhatsApp and f*** Facebook.
 
  • Like
Reactions: Cameroncafe10a
Collecting email addresses to better match people to existing data?

Seems very likely. If a Facebook user opted out of sharing data with WhatApp, but uses the same mail address for 2FA, it's now possible to identify him on WhatsApp. Heck, they could even try to match the telephone numbers of the people most talked to on WhatsApp with the profiles most talked to on Facebook to create even larger databases about the people who never opted in to data sharing. It's sad to see that privacy is being attacked more and more. And in a not too distant future you'll have to have a good Facebook profile to be allowed to travel, just like that Black Mirror episode and everybody will be wondering how it all came to this...
Aside from that being optional, as has been pointed out already, if one wanted to use email for this how hard is it to provide some generic email address used for things of this nature that anyone can easily have?
 
Seems very likely. If a Facebook user opted out of sharing data with WhatApp, but uses the same mail address for 2FA, it's now possible to identify him on WhatsApp. Heck, they could even try to match the telephone numbers of the people most talked to on WhatsApp with the profiles most talked to on Facebook to create even larger databases about the people who never opted in to data sharing. It's sad to see that privacy is being attacked more and more. And in a not too distant future you'll have to have a good Facebook profile to be allowed to travel, just like that Black Mirror episode and everybody will be wondering how it all came to this...

For alot of jobs your Facebook profile is reviewed prior to getting an interview or after the 1st interview.
 
I see you insist on making this point to everyone individually. Yes, email is optional, but it is the easier, more stable, less memory-dependent/human error-prone option. If they seriously values privacy, they would have gone with an authenticator application, and so would Facebook. Why force users to choose between trust-your-memory-to-never-fail-you vs give me your email address?

Seriously, f*** WhatsApp and f*** Facebook.
Wow, just set up a junk email account to give them. Who still gives out his main email address in 2017?
[doublepost=1486930389][/doublepost]If they were going to have two-step auth, it should have been that way from the start. The transition always causes confusion, especially if/when they start requiring that old accounts switch to it. I stopped using some of my Gmail accounts just because of how screwed up the auth became.
[doublepost=1486930525][/doublepost]
For alot of jobs your Facebook profile is reviewed prior to getting an interview or after the 1st interview.
That's why I used my fake name on my real account and my real name on my fake account. And my fake account just had my greatest achievements posted on my wall.
 
Last edited:
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.