Friday, February 10, 2017

WhatsApp increases account security with two-step verification – The Andes (Argentina)

WhatsApp joined as of today and at the global level an optional feature called “two-step verification”, through which the user to activate an account is not only you should place your phone number but also to create a unique six-digit code, with the goal of increasing security.

The function, which since November was in test mode (beta), will begin to be available starting today, both Android, iOS and Windows Phone.

To enable it, the user should open WhatsApp, go to “Settings” then to “Account”, getting to “two-step Verification” and finally to “Enable”.

In this way, when you want to activate an account on the service, you must not only enter your phone number -as requested originally-, but you can also choose to create a key of six digits unique to increase security.

“When you enable this function, optionally you can enter your address e-mail. Which will allow us to send you a link with which you can turn off the verification in two steps, in case you forget your six-digit code, and thus protect your account,” reported WhatsApp -bought by Facebook in 2014 – in his official blog.

however, the company clarified that it does not check this e-mail address to confirm its validity.

therefore, recommends to its users that have a valid e-mail address so that you are not denied access to your account if you ever forget the code.

An important point -warned WhatsApp – is that if the user were to receive an e-mail to turn off the function “two-step verification” that you have not requested, you should not click on that link because you can be someone who is trying to verify your phone number.

on the other hand, WhatsApp explained that if the user has enabled two-step verification, will be seven days without having used that service for your number to be able to verify it again.

this way, if the user forgets his code, and you do not receive an e-mail to turn off two-step verification, you will have to wait seven days to re-verify your number.

once you spend those seven days, you will be able to verify your number without the need to enter the code, but all messages that you have received during this period will be erased and cannot be recovered.

Now, if you have passed 30 days since you used WhatsApp for the last time, without the code, and the user checks her number again, the account will be deleted but you can create a new one, verify your number and create a new code.

This new security tool is added to the protocol encryption end-to-end, WhatsApp introduced last year to encrypt the messages of its users, and avoid being intercepted by third party.

In this sense, the past month came to light in an investigation conducted by the cryptographer Tobias Boelter, who had detected a vulnerability in WhatsApp through which you could intercept and read the messages of its users, despite the encryption.

This vulnerability has generated a lot of controversy in that some experts it was a “back door” (backdoor), a technique placed intentionally, although others felt that it was an “advantage of usability”.

Until that moment, that controversy was not resolved in both that WhatsApp handles a source code closed (unlike the Signal that it is open), and therefore not what you can review, agreed specialists in computer security.

LikeTweet

No comments:

Post a Comment