WhatsApp latest security feature may be a nuisance for password manager users

Martin Brinkmann
May 23, 2023
Updated • May 23, 2023
Mobile Computing
|
1

WhatsApp users may set up the application to create automatic backups of their data; this is useful for several purposes, including moving from one device to another without losing all messages and other data in the process.

The messaging service supports end-to-end encrypted backups since 2021, which protect backups with a custom password that the user selects. This resolves the issue that WhatsApp backups are not encrypted during transport from the device to the cloud storage.

Soon, WhatsApp will ask users to type the password for their backups regularly. It is a security precaution to make sure that users have not forgot their passwords. To continue, WhatsApp users need to type the backup password and hit the continue button.

In the case that they forgot the password, they may select "turn off encrypted backups" instead. Later, they may restore encrypted backup functionality by setting a new password in WhatsApp.

Wabetainfo discovered the new feature. It is available in the latest versions of WhatsApp for Android and iOS, and will roll out to more users in the coming weeks.

The password reminder reduces the risk of losing complete access to backups and the ability to restore backups. Users who forget the password can't restore backups anymore.

WhatsApp users may configure encrypted backups under Settings > Chats > Chat Backup > End-to-end encrypted backup. Note that WhatsApp backups consume space on the cloud storage service.

Potential issue for password manager users

The password reminders will be displayed regularly to users, which may pose a problem for users who use password managers.

If the WhatsApp password is stored in a manager, that manager needs to be opened to access the password to complete the WhatsApp prompt. WhatsApp users who use a password manager on other devices only are affected by this even more.

WhatsApp could resolve this by making the prompts optional. A switch in the Settings could allow users to turn off the prompts. If WhatsApp adds a scary looking disclaimer to the prompt, it might even keep users who do not use a password manager from turning the feature off.

Closing Words

WhatsApp is already using a similar prompt to make sure that two-factor authentication is working correctly. It is unclear what is going to happen to previous backups if the user can't remember the password anymore.

Now you: do you use WhatsApp's backup feature?

Summary
WhatsApp latest security feature is a nuisance for password manager users
Article Name
WhatsApp latest security feature is a nuisance for password manager users
Description
WhatsApp will display regular prompts to enter the password for encrypted backups soon to users on Android and iOS.
Author
Publisher
Ghacks Technology News
Logo
Advertisement

Tutorials & Tips


Previous Post: «
Next Post: «

Comments

  1. Hitomi said on May 24, 2023 at 11:55 am
    Reply

    Whatsapp and security/privacy? All the cool nerds use Signal, Briar, Threema and Conversations.

Leave a Reply

Check the box to consent to your data being stored in line with the guidelines set out in our privacy policy

We love comments and welcome thoughtful and civilized discussion. Rudeness and personal attacks will not be tolerated. Please stay on-topic.
Please note that your comment may not appear immediately after you post it.