WhatsApp is rolling out a new “Strict Account Settings” mode aimed at bolstering security for users facing targeted cyberattacks. The update, announced January 27th, comes amid growing concerns about refined spyware and data breaches affecting messaging platforms globally[3]. while standard end-to-end encryption remains in place, the new settings offer an additional layer of protection for journalists, activists, and others at higher risk [[2]].
WhatsApp is bolstering its security features with a new “Strict Account Settings” mode designed to protect users at higher risk of sophisticated cyberattacks. The update comes as the messaging app, used by billions globally, remains a frequent target for malicious actors, and reflects a broader industry trend toward enhanced privacy controls.
The new feature, announced January 27th in a post on WhatsApp’s official blog, aims to provide an extra layer of protection for individuals who may be particularly vulnerable to attack, such as journalists and public figures. It builds upon WhatsApp’s existing end-to-end encryption to mitigate risks including those posed by spyware.
Enhanced Security with WhatsApp’s New Settings
Dubbed “Strict Account Settings,” the feature is currently rolling out to users progressively. WhatsApp details the functionality in its FAQ section, explaining that it offers extreme protection for users requiring a higher level of security than standard measures provide.
Users can activate the settings by navigating to Settings > Privacy > Advanced and toggling the feature on. Once enabled, Strict Account Settings enforces two-step verification, automatically blocks multimedia and attachments from unknown senders, silences calls from unfamiliar numbers, disables link previews, and restricts access to last seen/online status, profile photos, and “About” information.
WhatsApp emphasizes its commitment to user privacy, starting with end-to-end encryption, but acknowledges that some users require additional tools to enhance their security. This move comes in the wake of reported data breaches and the exploitation of WhatsApp vulnerabilities by spyware like Pegasus, as reported by Bleeping Computer.
The feature is designed to defend against infrequent, highly sophisticated cyberattacks, rather than everyday threats. While not necessary for all users, it provides a valuable option for those who may be specifically targeted.
Standard Mode vs. Strict Account Settings
| Function | Standard Mode (Default) | Strict Account Settings (Enabled) |
|---|---|---|
| Two-Step Verification (2FA) | Optional (Recommended) | Required |
| Files from Unknown Senders | Allowed | Automatically Blocked |
| Calls from Unknown Senders | Allowed | Silenced |
| Link Previews | Enabled | Disabled |
| ‘Last Seen’ & ‘Online’ Visibility | Configurable | Blocked for Unknown Contacts |
WhatsApp is also gradually migrating to the Rust programming language to further strengthen protection against spyware targeting photos, videos, and messages. This proactive approach to security underscores the company’s commitment to safeguarding user data.
Frequently Asked Questions They are an optional new security feature designed for users needing a higher level of protection than standard settings, such as journalists, to defend against sophisticated cyberattacks.
It’s primarily intended for high-risk users who may be targeted by advanced cyberattacks and spyware. It’s not a necessary feature for the average user.
When available on your account, you can activate it by going to Settings > Privacy > Advanced and checking the corresponding box.
What are WhatsApp’s Strict Account Settings?
Who is this new feature designed for?
How do I activate this extra layer of security in WhatsApp?
