WhatsApp Reportedly Working on Password-Protected Encrypted Chat Backups
According to reports, WhatsApp is working to increase the security of its cloud backups with a new password protection feature that’ll encrypt chat backups, making them accessible only to the user. WABetaInfo reported last year that the feature was work-in-progress and today it shared screenshots of how it could be presented in the service’s iOS and Android apps.
One of the screenshots reads, “To prevent unauthorized access to your iCloud Drive backup, you can set a password that will be used to encrypt future backups. This password will be required when you restore from the backup.” The app then asks the user to confirm their phone number, and select a password that’s at least eight characters long. Another screenshot warns “WhatsApp will not be able to help recover forgotten passwords.”
WhatsApp declined to comment on the unannounced feature when contacted by The Verge, but WABetaInfo has a good record of accomplishment of unearthing features before they become official. It’s spotted features like adding contacts via QR codes or disappearing messages long before their official announcements.
Although WhatsApp chats are end-to-end encrypted, meaning they’re only visible to the sender and recipient, the service warns that this protection doesn’t extend to online backups stored on Google Drive and iCloud.
Once on these servers, the security of the backups is the responsibility of the cloud service providers, who in the past have made them accessible to law enforcement authorities with valid search warrants. Encrypting the backups with a password only you know would theoretically prevent anyone from accessing your chat history without your authorization.