WhatsApp develops password-encrypted backups
Reports indicate that WhatsApp is increasing the security of its cloud backups with a new password protection feature that encrypts chat backups, making them only accessible to the user.
WABetaInfo reported the feature, which has been in development since last year, but today it shared screenshots of how it was presented in service applications across iOS and Android.
One of the screenshots says: You can set a password that is used to encrypt future backups in order to prevent unauthorized access to the iCloud Drive backup.
According to the information, the application asks for the password when restoring from the backup, with the user being asked to confirm the phone number and choose a password consisting of at least eight characters.
Another screenshot warns that WhatsApp will not be able to help recover forgotten passwords.
Although WhatsApp conversations are end-to-end encrypted, which means that they are only visible to the sender and recipient, the service warns that this protection does not extend to online backups stored via Google Drive and iCloud.
After accessing these servers, the responsibility for backup security rests with the cloud service providers, who in the past made them accessible to law enforcement.
Encrypting the backups with a password that only the user knows prevents anyone from accessing the chat history without permission.
These recent reports on this feature come as WhatsApp's reputation has taken a hit due to the new privacy policy, which has raised concerns that it may store more information with its parent company, Facebook.
Although WhatsApp insists that the new policy does not affect the security of users' personal messages, rival messaging services, such as Signal and Telegram, have seen an increase in interest as users explore other options.
WABetaInfo has a proven track record of feature discovery before it became official, with features such as adding contacts via QR codes or extensible messages long before its official announcements.
• The chat database is already encrypted now (excluding media), but the algorithm is reversible and it's not end-to-end encrypted.
— WABetaInfo (@WABetaInfo) March 8, 2021
• Local Android backups will be compatible with this feature.
The chat DB and media will be encrypted using a password that only you know. https://t.co/WAliLUnF18