Skip to main content
WABrowse
Channels Groups Communities Categories Countries Tools Blog Guides Leaderboard
Submit Your Channel
Log in Register
Safety & Privacy March 12, 2026 8 min read WABrowse Team

WhatsApp Safety Checklist: 15 Settings You Should Change Right Now

Most people never touch their WhatsApp privacy settings, leaving themselves exposed to scams, spam, and data leaks. Here are 15 settings you should change immediately to stay safe.

WhatsApp Safety Checklist: 15 Settings You Should Change Right Now

Why Your WhatsApp Settings Matter More Than You Think

WhatsApp is the most widely used messaging app in the world, which also makes it one of the biggest targets for scammers, spammers, and privacy violations. The good news is that WhatsApp provides extensive privacy and security controls. The bad news is that most people never touch them, leaving their accounts far more exposed than necessary.

This checklist covers 15 specific WhatsApp settings you should review and change right now to maximize your security and privacy. Each setting takes less than a minute to configure, but together they dramatically reduce your exposure to common threats. For a deeper dive into recognizing scams, read our guide on how to avoid WhatsApp scams.

Authentication and Account Security

1. Enable Two-Step Verification

This is the single most important security setting on WhatsApp, and it is not enabled by default. Two-step verification adds a six-digit PIN that is required whenever your phone number is registered on WhatsApp again — for example, if someone tries to set up WhatsApp on a new phone using your number.

Without two-step verification, an attacker who obtains your SMS verification code (through SIM swapping, social engineering, or other methods) can take over your WhatsApp account. With it enabled, they also need your PIN, which only you know.

To enable: Settings, then Account, then Two-step verification, then Enable. Choose a PIN you can remember but that is not easily guessable (avoid birthdays, sequential numbers, or repeated digits). Add a recovery email address in case you forget your PIN.

2. Set Up Biometric Lock

Enable fingerprint or face recognition lock on WhatsApp so that even if someone has access to your unlocked phone, they cannot open WhatsApp without your biometric authentication. This is essential if you ever leave your phone unattended or if children or roommates have access to your device.

To enable: Settings, then Privacy, then Screen lock (or Fingerprint lock on some devices). You can set a timeout period — choosing "Immediately" provides the strongest protection, though "After 1 minute" offers a practical balance between security and convenience.

Privacy Controls

3. Restrict Who Can See Your Profile Photo

By default, anyone who has your phone number can see your profile photo, even if they are not in your contacts. Scammers use profile photos to create fake accounts that impersonate you, tricking your contacts into sending money or sharing sensitive information.

To change: Settings, then Privacy, then Profile photo, then select "My contacts" or "My contacts except..." to limit visibility. There is rarely a good reason for strangers to see your profile photo.

4. Control Last Seen and Online Status

Your "last seen" timestamp and "online" status reveal when you are using WhatsApp. While seemingly harmless, this information can be used for stalking, monitoring your activity patterns, or verifying that you have seen a message even if you have not opened the conversation (where read receipts would apply).

To change: Settings, then Privacy, then Last seen and online. Set "Last seen" to "My contacts" or "Nobody." For online status, you can select "Same as last seen" to maintain consistent privacy.

5. Manage Who Can Add You to Groups

One of the most common WhatsApp annoyances is being added to random groups without your permission. Spam groups, promotional groups, and even malicious groups can add you without consent unless you restrict this setting.

To change: Settings, then Privacy, then Groups, then select "My contacts" or "My contacts except..." This means that people not in your contacts will need to send you a private invitation to join a group, which you can accept or decline. This single setting eliminates the vast majority of group spam.

6. Control Who Can See Your Status Updates

WhatsApp Status (the stories feature) is visible to all your contacts by default. If you use Status, review who can see your updates. You can share with all contacts, selected contacts only, or all contacts except specific people.

To change: Settings, then Privacy, then Status. Select the option that matches your comfort level. If you rarely use Status, consider setting it to "Only share with..." and selecting a small group of close contacts.

Message Security

7. Enable Disappearing Messages for Sensitive Conversations

Disappearing messages automatically delete messages after a set period (24 hours, 7 days, or 90 days). While this does not prevent screenshots or copies, it reduces the risk of old messages being exposed if a device is compromised or a conversation is accessed by an unauthorized person.

You can set a default timer for all new conversations: Settings, then Privacy, then Default message timer. For existing conversations, you can enable disappearing messages individually within each chat's settings. Consider using the 90-day timer as a default — it keeps conversations accessible for a reasonable period while ensuring that old messages are eventually cleaned up.

8. Enable End-to-End Encrypted Backups

WhatsApp messages are end-to-end encrypted in transit, but chat backups to Google Drive or iCloud are not encrypted by default. This means that even though WhatsApp cannot read your messages, your cloud storage provider potentially can — and so can anyone who gains access to your cloud account.

To enable encrypted backups: Settings, then Chats, then Chat backup, then End-to-end encrypted backup. You will create a password or 64-digit encryption key. Store this securely — if you lose it, your backup cannot be recovered. This setting ensures that your chat history is protected even if your cloud account is compromised.

Device and Session Security

9. Regularly Review Linked Devices

WhatsApp allows you to link up to four additional devices (WhatsApp Web, desktop app, etc.) to your account. If an attacker briefly had access to your phone, they could have linked their device to your account and now be reading all your messages remotely.

To check: Settings, then Linked devices. Review every linked device. If you see any device you do not recognize or no longer use, tap it and select "Log out." Make it a habit to check this monthly. If you never use WhatsApp Web or desktop, there should be no linked devices listed.

10. Silence Unknown Callers

WhatsApp calling has become a vector for spam and scam calls. The "Silence unknown callers" feature automatically silences calls from numbers not in your contacts. These calls still appear in your call log, so you can return legitimate calls, but they will not ring through and disrupt you.

To enable: Settings, then Privacy, then Calls, then Silence unknown callers. This is particularly important if your phone number is widely shared or if you have been receiving spam calls.

11. Protect Your IP Address in Calls

WhatsApp calls normally establish a direct peer-to-peer connection, which can reveal your IP address to the other caller. While this is fine for trusted contacts, it can expose your approximate location to unknown callers. WhatsApp offers an option to relay calls through their servers, hiding your IP address.

To enable: Settings, then Privacy, then Advanced, then Protect IP address in calls. Note that this may slightly reduce call quality since the connection is routed through an intermediate server rather than directly between devices.

Content and Group Safety

12. Be Cautious with Auto-Download Settings

By default, WhatsApp may automatically download media sent to you, including in groups. While WhatsApp scans for known malware, automatically downloading content from unknown senders or spam groups carries inherent risk and consumes storage and data.

To configure: Settings, then Storage and data, then Media auto-download. Consider disabling auto-download for groups entirely and limiting it to "Photos only" for individual chats when on mobile data. This gives you control over what gets downloaded to your device.

13. Review Group Privacy Settings Regularly

If you are a member of multiple WhatsApp groups, review your membership periodically. Leave groups that are no longer relevant, especially large groups where your phone number is visible to hundreds of strangers. Each group you belong to exposes your number to every other member — the fewer groups, the smaller your exposure.

When evaluating WhatsApp groups to join, check for clear group descriptions, stated rules, and active moderation. Our guide on what to check before joining a WhatsApp group covers the key safety indicators in detail.

14. Understand Channel Following Privacy

When you follow WhatsApp channels, your identity is not visible to the channel admin or other followers by default. However, review your channel activity settings to understand what information is shared. Your follows are private unless you choose to share them. When reacting to channel posts, your reaction is anonymous to other followers but may be visible to the channel admin in aggregate statistics.

Account Management

15. Download Your Account Information

WhatsApp allows you to request a report of your account information and settings. This report shows you exactly what data WhatsApp has about your account, including your profile information, group memberships, and settings. Reviewing this periodically helps you understand your data footprint and identify any unexpected account activity.

To request: Settings, then Account, then Request account info. WhatsApp will prepare a report that you can download within a few days. Review the report for any unfamiliar groups, contacts, or settings changes that you did not make.

Building Ongoing Safety Habits

Configuring these 15 settings is a strong foundation, but WhatsApp safety is an ongoing practice. Make it a habit to review your linked devices monthly, audit your group memberships quarterly, keep the app updated to receive security patches, and never share verification codes with anyone — WhatsApp will never ask for them, and neither will any legitimate service.

Be especially cautious when receiving messages from unknown numbers claiming to be from friends, family, or organizations. Verify their identity through a separate channel before responding. If you encounter suspicious groups, report them directly through WhatsApp and warn others. Read our detailed guide on spotting and avoiding WhatsApp scam groups for more protective strategies.

Your WhatsApp account contains years of personal conversations, photos, and sensitive information. Taking fifteen minutes to configure these settings properly is one of the highest-value investments you can make in your digital security.

Tags: #Whatsapp Tips #Whatsapp Privacy #Whatsapp Features #Whatsapp 2026

Share this article

Twitter / X Facebook LinkedIn WhatsApp

Related Articles

WhatsApp Privacy in 2026: Myths vs Reality
Mar 09, 2026 · 7 min

WhatsApp Privacy in 2026: Myths vs Reality
WhatsApp Group Link Safety: What to Check Before Joining
Feb 28, 2026 · 6 min

WhatsApp Group Link Safety: What to Check Before Joining
How to Spot and Avoid WhatsApp Scam Groups
Feb 06, 2026 · 6 min

How to Spot and Avoid WhatsApp Scam Groups

Ready to Get Discovered?

Submit your WhatsApp channel to WABrowse and reach thousands of users looking for quality channels to follow.

Submit Your Channel More Articles

This article is for informational purposes only and does not constitute professional advice. WABrowse is not affiliated with WhatsApp Inc. or Meta Platforms, Inc. "WhatsApp" is a trademark of WhatsApp LLC. See our Terms and Privacy Policy.