How to set up two-step verification on WhatsApp?

by Tim

Updated on May 21, 2024


Keeping your online accounts safe and secure should always be a top priority. In today's digital world, we share so much personal information across various apps and platforms. From private messages to financial details, a lot is at stake if your accounts get compromised.

That's why features like two-factor authentication (2FA) have become increasingly crucial. 2FA adds an extra layer of security by requiring both your password and a second verification step to access an account. This makes it much harder for bad actors to hijack your information, even if they manage to get ahold of your password.

While WhatsApp is one of the most popular messaging apps globally, it wasn't until recently that they added support for 2FA. By enabling this feature, you can rest assured that your WhatsApp account is better protected from unauthorized access, even if someone manages to get your phone number. It prevents others from easily verifying your account on a new device.

What is Two-Step Verification on WhatsApp?

Two-step verification is an optional security feature offered by WhatsApp to add an extra layer of protection to your account. It works by requiring you to enter both your phone number and a 6-digit personal identification number (PIN) when re-registering your account on a new device.

The key benefits of enabling 2FA on WhatsApp include:

  • Preventing unauthorized access even if someone gets your phone number
  • Stopping bad actors from verifying your account on another device
  • Adding an extra security step beyond just your phone number

When you set up two-step verification, you'll create a custom 6-digit PIN. Whenever you need to re-verify your WhatsApp account after reinstalling the app or switching phones, you'll be prompted to enter this PIN along with the regular 6-digit code sent to your number.

You'll also be asked to provide an email address during setup. This allows you to reset your 2FA PIN if you happen to forget it down the road by requesting a reset link be sent to that email.

WhatsApp's 2FA implementation has been available since 2017 on both the Android and iOS apps. It helps bring WhatsApp's security features more in line with other popular messaging services that already offer multi-factor authentication options.

How to Set Up Two-Step Verification on WhatsApp

Enabling two-step verification on WhatsApp is a straightforward process that just takes a couple minutes. Let's go over how to get it set up:

On WhatsApp Web:

  1. Open WhatsApp Web in your web browser
  2. Click the Menu button (three dots) in the top right
  3. Select "Two-step verification" under Settings
  4. Click "Enable"
  5. Enter a 6-digit PIN of your choice
  6. Re-enter the PIN to confirm it
  7. Enter an email address to allow PIN resets
  8. Click "Next" and you're all set!

On Android:

  1. Open the WhatsApp app and go to Settings > Account
  2. Tap on "Two-step verification"
  3. Tap "Enable"
  4. Enter your desired 6-digit PIN
  5. Re-enter the PIN to confirm
  6. Enter an email address for PIN resets
  7. Tap "Done"

On iOS:

  1. Open WhatsApp and go to Settings > Account
  2. Tap "Two-step verification"
  3. Tap "Enable"
  4. Create a 6-digit PIN
  5. Re-enter the PIN to confirm
  6. Enter an email for PIN reset purposes
  7. Tap "Done" to finish setup

A few notes on setting up 2FA:

  • Don't forget or lose your 6-digit PIN! You'll need it to verify new devices.
  • The email address is optional but highly recommended to allow for PIN resets.
  • WhatsApp will periodically ask you to re-enter your PIN to verify you still have access.
  • You can disable 2FA at any time from the account settings if needed.

Setting a strong, memorable PIN that combines numbers and letters is crucial, as is keeping your associated email account secure. Don't share your PIN with anyone. With two-step verification enabled, any attempt to verify your WhatsApp account on a new device will require both your phone number and PIN.

Managing Two-Step Verification Settings

Once you've enabled two-step verification on WhatsApp, you can manage your settings at any time from the same menu where you initially set it up.

To change your 6-digit PIN:

  1. Go to Settings > Account > Two-step verification
  2. Tap "Change PIN"
  3. Enter your current PIN
  4. Create a new PIN and re-enter to confirm

To update the email address linked to your account:

  1. Go to Settings > Account > Two-step verification
  2. Tap "Change Email Address"
  3. Enter the new email address
  4. Confirm the new email

If you ever want to disable two-step verification entirely, you can do so by:

  1. Going to Settings > Account > Two-step verification
  2. Tapping "Disable"
  3. Entering your PIN
  4. Confirming you want to disable it

However, it's generally recommended to keep 2FA enabled to maximize your WhatsApp account's security. If you do choose to disable it, you can always re-enable it later by following the original setup steps.

Be sure to update your PIN and/or email address any time you feel they may have been compromised. Enabling two-step verification is pointless if bad actors obtain your PIN and email details.

How to Reset Your Two-Step Verification PIN

While enabling two-step verification significantly strengthens the security of your WhatsApp account, it's important to have a way to regain access if you forget your 6-digit PIN or lose the device it was created on. Thankfully, WhatsApp provides multiple methods for resetting your PIN code.

Resetting with an Email Address 

If you had the foresight to provide an email address when initially setting up two-step verification, resetting your PIN is a straightforward process:

  1. Open WhatsApp and tap "Forgot PIN?"
  2. Tap "Send Email" to request a PIN reset link be sent to your email
  3. Open that email and tap on the reset link
  4. Back in WhatsApp, tap "Forgot PIN?" again then "Reset"
  5. Create and confirm a new 6-digit PIN

As long as you still have access to the email account you provided, you can reset your PIN immediately this way. This is why it's highly recommended to supply an email during two-step setup.

Resetting with an SMS One-Time Password 

If you originally received your 6-digit WhatsApp registration code via email, rather than SMS, you can reset your PIN using an SMS one-time password instead of email:

  1. Open WhatsApp and tap "Forgot PIN?"
  2. Tap "Send Code" to get a one-time code sent via SMS
  3. Enter that SMS code
  4. Create and confirm a new PIN

7-Day Waiting Period 

In situations where you didn't provide an email or have lost access to it, as well as if someone else set up two-step verification before you, there's one remaining option - but it requires waiting 7 days first.

This 7-day delay is a security precaution by WhatsApp to prevent abuse. It starts from the last time your account successfully connected to WhatsApp's servers. Once that period has elapsed:

  1. Open WhatsApp Settings > Account > Two-step verification
  2. Tap "Change PIN"
  3. Create a new 6-digit PIN

Regardless of the reset method used, anyone logged into your WhatsApp account will be automatically logged out during the process, and your new PIN will be required to re-verify your phone number on new devices going forward.

Best Practices for Using WhatsApp 2FA 

While enabling two-step verification is an important security measure, there are some additional best practices to follow:

  • Use a unique, secure PIN - Don't use easily guessable numbers like 123456. Create a random PIN that's hard to crack.
  • Keep your PIN private - Never share your 6-digit WhatsApp PIN with anyone, even friends or family members.
  • Secure your email - Since your email can be used for PIN resets, keep it locked down with a strong password and 2FA.
  • Update WhatsApp regularly - Always use the latest WhatsApp version to ensure you have the newest security patches.
  • Beware of suspicious messages - Never provide your PIN to anyone claiming to be "WhatsApp Support" - this is a common scam.
  • Use biometric locks - Enable fingerprint or face unlock on your phone to prevent unauthorized WhatsApp access.
  • Consider backup options - For example, set up WhatsApp on a secondary device you control in case your main device is lost or stolen.

Following these tips can maximize the security benefits of using WhatsApp's two-step verification. The extra couple of minutes to enable it is well worth protecting your private chats and information.
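
The PIN advice above, shown as an added example that is not part of the original article and is not WhatsApp's code: a Python sketch that draws a 6-digit PIN from the operating system's secure random source and rejects a few easily guessed shapes. The function names and the specific rejection rules are assumptions chosen for illustration.

```python
import secrets
from typing import Optional

PIN_LENGTH = 6  # the article describes a 6-digit PIN


def weakness(pin: str) -> Optional[str]:
    """Return why a PIN is easy to guess, or None if no rule below matches."""
    if len(pin) != PIN_LENGTH or not pin.isdigit():
        raise ValueError("PIN must be exactly 6 digits")
    digits = [int(c) for c in pin]
    # 111111, 121212, 112211: very little variety
    if len(set(digits)) <= 2:
        return "uses only one or two distinct digits"
    # 123456, 654321, 890123: constant +1 or -1 step (wrapping past 9 or 0)
    steps = {(b - a) % 10 for a, b in zip(digits, digits[1:])}
    if steps in ({1}, {9}):
        return "ascending or descending run"
    # 123123: the same three digits twice
    if pin[:3] == pin[3:]:
        return "repeated block"
    # 123321: reads the same backwards
    if pin == pin[::-1]:
        return "palindrome"
    # 140290: birthdays and anniversaries are common human choices
    a, b = int(pin[:2]), int(pin[2:4])
    if (1 <= a <= 31 and 1 <= b <= 12) or (1 <= a <= 12 and 1 <= b <= 31):
        return "looks like a date (DDMMYY or MMDDYY)"
    return None


def generate_pin() -> str:
    """Draw uniformly random 6-digit PINs until one passes every rule."""
    while True:
        pin = f"{secrets.randbelow(10 ** PIN_LENGTH):0{PIN_LENGTH}d}"
        if weakness(pin) is None:
            return pin


if __name__ == "__main__":
    # Constructed sample PINs, not taken from any real account.
    for sample in ("123456", "000000", "123123", "140290", "583946"):
        print(sample, "->", weakness(sample) or "no rule matched")
    print("suggested PIN:", generate_pin())
```

Run the generator on a device you trust and store the result in a password manager rather than in a chat or note.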

Competitive Analysis

WhatsApp's two-step verification offers a step towards security, but it lacks the robustness of alternatives like Signal. Unlike other apps, WhatsApp uses static 6-digit PINs instead of rotating codes, which poses a risk if the PIN is compromised. The 7-day waiting period for PIN reset adds to the challenge. Despite these limitations, it provides a basic defense, and future updates may enhance security.

FAQs About WhatsApp Two-Step Verification

Why should I enable 2FA on WhatsApp? 

Two-step verification adds an extra layer of security to your WhatsApp account beyond just your phone number. It prevents anyone else from verifying your account on a new device, even if they manage to get access to your phone number. Enabling 2FA helps protect your private messages and data.

What if I forget my 6-digit PIN? 

If you provided an email address during setup, you can reset your PIN immediately by requesting a reset link be sent to that email. If no email is attached, you'll have to wait 7 days after your account last connected successfully, then create a new PIN in the settings.

Does WhatsApp save or have access to my PIN? 

No, WhatsApp does not have any record of your 6-digit PIN code. It is private information that only you know. WhatsApp cannot reset or retrieve your PIN for you if forgotten.

How often do I need to enter my PIN? 

WhatsApp will periodically prompt you to re-enter your PIN while using the app, even on your main device. This is to verify that you still have access and control over that PIN.

Can I disable two-step verification later? 

Yes, you can disable 2FA at any time by going to Settings > Account > Two-step verification and tapping "Disable." However, it's recommended to keep it enabled for maximum account security.

Does WhatsApp Web support 2FA?

Yes, you'll be prompted to enter your 6-digit PIN anytime you attempt to log into your account on WhatsApp Web or re-verify your connection.

What if someone maliciously enabled 2FA on my account? 

If someone else sets up two-step verification on your WhatsApp account before you, your account will be automatically locked for 7 days once you try verifying again. After that period, you can reset the PIN in the settings.


Enabling two-step verification is an essential security measure to protect your WhatsApp account and personal information. By requiring both your phone number and a custom 6-digit PIN to verify new devices, it prevents unauthorized access and account hijacking.

While setting up 2FA on WhatsApp is quick and straightforward, be sure to follow best practices like using a strong PIN, enabling biometric locks, and providing an email address for easy PIN resets. If you do happen to forget or need to change your PIN, WhatsApp provides multiple recovery methods.

With two-step verification enabled alongside WhatsApp's end-to-end encryption, you can safely use the app with peace of mind that your chats and data are secure. Take a few minutes today to enable this crucial account protection feature.


