Increasingly and especially in India, WhatsApp chats are being leaked left, right, and center by numerous agencies. Amid the kerfuffle, several security researchers have pointed out that investigative agencies are using cloud backups to decrypt and retrieve WhatsApp messages. Seeing the loophole, WhatsApp has finally brought the option to protect cloud backups with end-to-end encryption. That means all your WhatsApp messages and media stored on Google Drive or iCloud will now be end-to-end encrypted. And well, if you enable this feature, no one will be able to read your messages except for you. So if you want to turn on end-to-end encrypted chat backups in WhatsApp on your iPhone or Android smartphone, follow our guide below.
We have mentioned everything about end-to-end encrypted chat backups in WhatsApp for Android and iOS in this article. For easier navigation, you can expand the table and move to any relevant section of your choice.
- What are End-to-End Encrypted Chat Backups in WhatsApp?How End-to-End Encrypted WhatsApp Chat Backups Work?Who All Can Access WhatsApp E2EE Cloud Backups?Turn on End-to-End Encrypted WhatsApp Chat Backups on AndroidTurn on End-to-End Encrypted WhatsApp Chat Backups on iPhoneSteps to Turn off End-to-End Encrypted Chat Backups (Android & iOS)Forgot Encrypted Cloud Backup Password in WhatsApp? How to Reset!
What are End-to-End Encrypted Chat Backups in WhatsApp?
In our WhatsApp vs Telegram vs Signal comparison, we noted that WhatsApp messages are end-to-end (E2E) encrypted. That means no one other than the sender and the recipient can read the messages. Not even WhatsApp can read the messages. However, if you use the cloud backup option, be it Google Drive on Android or iCloud on iPhone, those backups are not encrypted by default. Basically, if someone gets access to those cloud backups, they can retrieve your messages since they are not encrypted.
End-to-End encrypted chat backups work similarly to how messages are delivered in a secure manner on WhatsApp. You have to create a password or generate a 64-digit encryption key, and it is used to encrypt and protect the cloud backups both on Google Drive and iCloud. The password or the encryption key is stored on the device itself, which means no one can get access to your cloud backups. Only when you enter the password/ encryption key, the messages can be decrypted and transferred to a new device from the cloud.
Facebook (rebranded to Meta) has explained the technicalities behind encrypted cloud backup in an official blog post. The company says that it has developed a new system to store the encryption key/ password on the device. It’s taking advantage of a hardware security module (HSM) – a special hardware component – on Android and iOS devices to store the keys. Similar to how Apple stores the Face ID data on Secure Enclave and Android stores private keys in HSM, WhatsApp is deploying the same method here.
No one can access WhatsApp end-to-end cloud backups except for you. Not even WhatsApp, Google, or Apple has access to the encryption key or password. The unique key is stored on your device locally, and if you remember the password or have the encryption key, you can decrypt the messages.
Launch WhatsApp and tap on the 3-dot menu icon at the top-right corner. Here, open “Settings” and move to “Chats“.
Next, tap on “Chat backup” at the bottom. You will find a new “End-to-end encrypted backup” option below the “Back Up” button. Tap on it. If the option does not appear on your WhatsApp account, you need to wait for the feature to arrive on your device.
Next, tap “Turn On” to enable End-to-end encrypted backups in WhatsApp. On the next page, you can choose to create a password or use a 64-digit encryption key to protect the cloud backup. I would suggest using the password option for a quick and easy setup.
After that, create a password for your backup. Note that the password must contain at least 6 characters and 1 letter. Also, DO NOT forget the password, or else you will lose access to all your messages. Even WhatsApp or Google can’t help you decrypt your cloud backup since they don’t store the password.
Once you have set up the password, tap “Create” on the next screen, and it will start the encryption process in the background. Once done, all your WhatsApp messages on Google Drive will be encrypted with your unique password.
Turn on End-to-End Encrypted WhatsApp Chat Backups on iPhone
To turn on encrypted cloud backup in WhatsApp on iPhone, move to the “Settings” tab from the bottom navigation bar. Then, go to the “Chats” section, followed by “Chat Backup“.
At the bottom, you will find the new “End-to-end Encrypted Backup” option. Open it and tap on “Turn On“.
Now, you can create a password to protect the encrypted backup. You also have the option to generate a 64-digit encryption key, but a password would be easier to remember. Make sure to memorize or write down the password somewhere, else you won’t be able to decrypt the backup from iCloud if you switch to a new iPhone.
Note: If you want to use a 64-digit encryption key to encrypt and protect your WhatsApp cloud backups, we have included a screenshot of the steps for that process as well. You need to select “Use 64-digit Encryption Key instead,” followed by “Generate Your 64-digit Key”. You then need to tap “Continue” and follow the steps below.
- Once you have set the password, tap on “Create“, and WhatsApp will start encrypting the backup on iCloud. You will now see an “End-to-end Encrypted” tag under the information about your most recent backup.
Steps to Turn off End-to-End Encrypted Chat Backups (Android & iOS)
To turn off end-to-end encrypted chat backup in WhatsApp on Android and iOS, open Settings and move to Chats -> Chat Backup -> End-to-end encrypted backup. Here, tap on “Turn Off“.
Post that, enter your password or 64-digit Encryption key, and tap on “Done”. That’s it. You have successfully disabled end-to-end encrypted cloud backups for your WhatsApp account.
If you have forgotten the password for your encrypted backup stored on Google Drive or iCloud, there is nothing to worry about. You can change it on WhatsApp without having to remember the old password. That said, make sure you still have WhatsApp registered on your device. If you have deleted WhatsApp, you can’t change the backup password while moving to a new device.
Open Settings and move to Chats -> Chat Backup -> End-to-end encrypted backup. Now, tap on “Change Password” and verify your identity using the cloud encryption password. Now, you can easily create a new password for the encrypted backup.