Guide on WhatsApp Settings and Good Practices
This guide covers settings you can tweak on WhatsApp to have greater control over your data as well as good practices to keep in mind while using the messaging app.
Whatsapp (owned by META) is one of the most popular end-to-end encrypted messaging service. If you use it on your day-to-day it's worth reviewing some of your current settings and how you are making use of the platform.
This guide includes:
- Chat backup settings
- Visibility settings
- App permissions
- Managing desktop sessions
- App security and two-factor authentication
- Good Practices
Chat backup settings
This is one of most important settings to consider in WhatsApp. Because WhatsApp is end to end encrypted, your messages are not stored anywhere but your device by default. This means that if you were to lose or change your device, all messages would be lost. Since this is not desirable for a lot of people, WhatsApp allows users to backup their chat history on the Cloud, either on iCloud for iPhone users or Google Drive for Android users. These backups are potentially a threat to your privacy as anyone with access to your Apple or Google account could access it. It might also be possible for law enforcement to request access to it which is not the case with the conversations stored on your phone.
Changing this setting to "None" is therefore the option that gives you more control over who can access your conversations. This also means that if you want to save some conversation you will need to do so manually.
To disable chat backup:
- Open WhatsApp and tap the three dots in the top right corner
- Tap Settings > Chats > Chat Backup
Visibility settings
Your WhatsApp account might be filled with information about you such as a photo, a status, or an "about" section. If you intend to communicate with people you don't trust, this information might reveal things about you that you'd rather keep private. As a rule a thumb, we suggest always selecting the most private option offered. In most cases, limiting the visibility of these details to "your contacts" should be safe enough, but you might have contact you don't trust in which case it's worth setting the visibility to "nobody" or keeping these things empty (no profile picture, no about or status)
To edit these settings:
- Open WhatsApp and tap the three dots in the top right corner
- Tap Settings > Account > Privacy
Last seen is the feature that allow the person you communicate with to see when you were last inside the app. This can unintentionally reveal that you had access to your phone and internet at the certain time and could be used against you. Setting this to "nobody" disables the feature.
App permissions
On first use, WhatsApp will ask for permission to use the phone. This is used to for the verification process but shouldn’t be used later on. However, if you don’t change this permission, WhatsApp is theoretically able to make phone calls on your behalf. Broadly speaking, we recommend you check the app's permissions to disable anything you don’t use, such as permission to access your phone or location. You will likely find this in your phone settings rather than the app.
To access permissions:
- Hold press on the WhatsApp icon
- Tap the "info" icon
- Tap permission
Alternatively:
- Go to your phone settings
- Look for permissions
- Find WhatsApp
Managing desktop sessions
WhatsApp web allows you to use WhatsApp in a web browser by scanning a QR code. If you use this feature, you need to make sure to disconnect afterwards so that people accessing the same browser session won’t be able to read your conversations. We recommend you use WhatsApp web in private/incognito mode so that it will automatically delete your session when you close the window. You can always see the list of devices with access to your conversations, by tapping the WhatsApp Web option in the menu. This list should always be empty if you’re not currently using a desktop. Tap Log out all devices if you see something you don’t recognise here.
App security and two-factor authentication
If there are chances that your device might be accessed while unlocked, you might want to set up a biometric lock to your app for an additional security layer. Enabling it means that to open WhatsApp you’ll need to provide your biometric (with a scan of your finger or face), the same way you might already unlock your phone. This isn't a perfect solution, as you might be compelled to unlock the app. If you think this may happen, you should consider clearing your history often to avoid giving access to personal and sensitive information.
To set a biometric lock:
- Open WhatsApp and tap the three dots in the top right corner
- Tap Settings > Account > Privacy and then select Fingerprint lock or Screen lock depending on if your phone has face recognition.
You may also want to turn 'security notifications' on. This will alert you when one of your contact’s security code changes. If one of your contacts changes their phone, their security code will be changed. But such code change can also happen in case of hacking. Seeing this notification in a conversation should be a red flag and you should ensure that the person you are communicating with is who they say they are
- Open WhatsApp and tap the three dots in the top right corner
- Tap Settings > Account > Security
Setting up two-factor authentication is an excellent and simple way to add an extra layer of security to your account. This feature allows you to add a password to access your WhatsApp account when logging in from a new device. This will prevent people with access to your SIM card or phone number from logging into your WhatsApp account and potentially accessing your conversations (see more in the backup section above). When enabling the two-steps verification you will be asked for a 6 PIN digit. Use something that you are not using anywhere else. You will also be asked to provide an email. This step is not mandatory, we suggest you only provide an email address if really necessary. Have a look through our guide on password managers to learn how you can set up an authenticator app for two-factor authentication.
To enable two steps verification:
- Open WhatsApp and tap the three dots in the top right corner
- Tap Settings > Account > Two step verification
Good practices
- If a stranger starts a conversation with you claiming to be someone you know, try to ensure that they are who they claim they are before providing any information about yourself
- Joining a group will make your phone number visible to all group members. Before joining a group we recommend you check who the members are as they will have access to this information
- Messaging apps such as Whatsapp are often used to send virus through files and links. We recommend you be very vigilant before downloading anything sent to you on Whatsapp (such as a file or document that requires to be open on your phone) or clicking links sent by people you don't trust.
Found a mistake? An outdated screenshot? Think this could be improved? Check out our Github repository and contribute to help keep these guides up-to-date and useful!
 
   
   
   
   
   
   
   
 
 
