WhatsApp has started rolling out the two step verification security feature for its users on Android, iOS and Windows. As a part of the new feature, users will be able to verify their number on the app on a new device more securely by using a six-digit passcode.
But how secure or easy is the new feature? Here are four reasons why you could ignore the new security feature:
1) Mail trail or trouble?
The new two step verification feature provides an option to assign an email address for recovery purposes. But it is not mandatory. So if a user forgets to assign an email address, he or she will have no way to recover the forgotten password without entering an email address for the next seven days from the last time the app has been used.
2) Mail verification and exposed to promotions
WhatsApp, in case you provide an email address to activate the two-step verification, doesn’t verify the email address and hence opens the window for pranksters. The company may not be able to figure out if a user is providing a genuine email address however that might backfire on the user.
Even though the mail id is not verified, there are chances of being exposed to unwanted clutter of promotional messages and security threats.
3) Risk of deletion of chats post re-verification
The two step verification process brings with itself a risk of chats deletion. Once a user reverifies his or her account after 7 days without a passcode, then that user will lose all pending messages upon reverifying - they will be deleted.
Watch how WhatsApp end-to-end encryption works
https://t.co/zgUQdghCUs - how E2E encryption works.— WhatsApp Inc. (@WhatsApp) August 24, 2016
Also, if a user reverifies his number on WhatsApp after 30 days of last using WhatsApp, and without a passcode, that particular account will be deleted and a new one will be created upon successfully reverifying.
4) Annoying passcode remembering exercises
Just like annoying pop-ups, WhatsApp’s two-step verification once enabled, may periodically ask users to enter the passcode in trying to help users to remember it. Unfortunately, there is no method to disable this nagging prompt without turning off two-step verification altogether. So much for safety.