WhatsApp Issues Security Recommendations in Ukraine

The Russian attacks Ukraine stands now are more than missiles and bombs. Today’s war is information war as well, and one of its weapons of it is hacking and fake messaging. In the wake of this, WhatsApp issues instructions for Ukrainians who want to protect their privacy in this ubiquitous danger.

What WhatsApp recommends is turning on two-step authentication. This means that a WhatsApp user will need to log in using two steps. The additional step in this scheme is a 6-digit PIN code that has to be learned by heart. If you forget this code, you can enter an email and request password recovery. Otherwise, you need to wait for one week until you can try again. You can also use a fingerprint lock; it only works, though, if fingerprint protection is enabled on your phone.

These measures are great for those who don’t want their chats read by invaders or collaborationists: if they can’t beat the PIN out of the owner, they can’t access the chats. And a week is a long time at war. This implies that to prevent recovery of the password, you need to not enter an email at all, or at least enter an ad hoc address that is less likely to get hacked.

These recommendations are necessary because WhatsApp doesn’t activate two-factor authentication by default. Users need to turn it on themselves. In usual times, it’s usually an excessive step, but war and crisis require special attitudes.

Maybe these instructions will be useful for the Russian opposition as well. If WhatsApp lasts in Russia at all, in the wake of sanctions imposed on Russia and countersanctions by its authorities. Anyway, these recommendations are versatile and applicable all over the world.

Have you activated two-step authentication on your WhatsApp? And what do you use to protect your privacy? Share your stories in the comments, but don’t disclose your sensitive data!