Just a few weeks ago I was at a birthday party with some friends, and I was asked if WhatsApp is really secure. "Depends on how you use it," I said.

My friend has a teenage daughter who started using WhatsApp to communicate with her friends and family. Her security depends on whether she is aware of the dangers of the Internet, and on a few changes to WhatsApp's default configuration that make it more secure. All information is current as of version 2.12.367.

Any time somebody gets your mobile number, some information is automatically exposed, such as your profile photo, "last seen" date and status. Even if you have never heard of that person, you are handing over personal data that could be used against you. Remember that the number one rule of security is not to give out information. So let's change this: in the Settings > Account > Privacy menu you will find the fields that control "Last seen", "Profile photo" and "Status". For each field you have 3 options: "Everyone", "My Contacts" and "Nobody". The last option is the most extreme and the most secure of them all.

In this menu you will also find the option "Read receipts". When it's off, the blue sign won't be displayed after you read a message. Keep in mind that when you turn off an option in the privacy menu, WhatsApp won't show you that same information about other people either. You don't expose your information, and in exchange you don't get to see theirs. Fair enough! With these settings you are protected from leaking information to unknown people.

You might want to keep your ability to see others' status while hiding your own. If this is the case, you will find this workaround interesting: turn off WiFi/3G and open WhatsApp. Then read and send your messages. Once you're done, return to the home screen and turn WiFi/3G on again. Your messages will be sent and your last online status won't change. I know turning data off and on is a hassle, but that's because it is an unofficial workaround. At least you will avoid your wife saying: "What were you doing? I sent you a message and you haven't replied, but you were on Whatsapp and read it, I know it!"

If you are a WhatsApp Web fan, keep this in mind: log out every time you are done. Leaving your web sessions open puts you at risk, and your account could be compromised.

If your mobile phone is lost or stolen, I recommend that you quickly install WhatsApp on another device under the same phone number. This will deactivate the old account, as WhatsApp servers only allow one verified client.

If you don't like seeing your received photos and videos in your gallery, I have some good news for you: this can be disabled. If you have an iPhone, just go to the "privacy" menu, then "photos", and disable the WhatsApp option to keep its media out of the photostream. This is a bit more complicated on Android, but not impossible. You need to access the "videos" and "images" folders with your PC or any file management application, and add an empty file called ".nomedia" to each folder to tell Android not to scan these folders.

Talking about photos and videos, let me tell you something that you should never, ever do with instant messaging: send naked (or very private) photos or videos of yourself. There are several risks in doing this:

  • Someone could be intercepting your network traffic.
  • Your device, or your friend's device at the other end, could have malware that can access the files stored on it.
  • You could lose your phone, or someone could steal it.

In every case the result is the same: Your naked backside will be exposed without your authorization. This already happened to some celebrities!

And last but not least, you should know that WhatsApp is one of snoopers' favorite applications. I am sure that you have nothing to hide, and that it's all about your pride and your right to privacy. You can prevent snooping by using the application lock feature available on your mobile. It will ask you for a password or unlock pattern every time you start the application. This might sound like a pain in the neck, but you will soon get used to it. If your device has a fingerprint reader, you can use it to unlock the application quickly!

Keep it secure!