Quick Read
- WhatsApp launched ‘Strict Account Settings’ on January 27, 2026, targeting public figures and high-risk users.
- The mode blocks unknown media, disables link previews, silences unfamiliar calls, and enables two-step verification by default.
- WhatsApp is now the third major tech platform, after Apple and Google, to offer a ‘lockdown-style’ security feature.
- The rollout occurs amid a lawsuit and public criticism questioning WhatsApp’s encryption and security claims.
- WhatsApp has also upgraded its backend security by integrating the Rust programming language to prevent vulnerabilities.
YEREVAN (Azat TV) – WhatsApp has officially introduced its new “Strict Account Settings” mode, a one-tap security feature designed to offer enhanced protection for users facing sophisticated cyber threats. The rollout, which began on January 27, 2026, positions Meta’s popular messaging platform alongside other major tech companies in offering “lockdown-style” security features, arriving amidst renewed public scrutiny and legal challenges concerning WhatsApp’s encryption claims.
The company stated that the new mode is primarily aimed at public figures, journalists, activists, and other high-risk individuals who may be targets of advanced digital attacks. While end-to-end encryption already protects most users, these additional layers are intended to provide an optional, yet robust, safeguard against highly targeted exploits, as reported by Open magazine.
What Strict Account Settings Entail
Once activated, Strict Account Settings locks an account into WhatsApp’s most restrictive privacy and security options. This comprehensive mode simultaneously enables several protective controls:
- It automatically blocks media and attachments from unknown senders, reducing potential vectors for malware or malicious files.
- Link previews are disabled to prevent exposure to potentially harmful URLs.
- Calls from unfamiliar contacts are silenced, minimizing unwanted interactions.
- Visibility of a user’s “last seen” and online status is restricted, along with profile photos, “about” details, and links, making them visible only to known contacts.
- Two-step verification is enabled by default, adding a critical layer of authentication.
- Security code change notifications are automatically turned on, alerting users to potential security breaches.
- Only known contacts or a pre-established list of people can add users to new groups.
- All calls are routed through WhatsApp servers to mask users’ IP addresses and locations, enhancing privacy.
Users can enable this feature by navigating to Settings > Privacy > Advanced on both iOS and Android devices. Meta has cautioned that while the mode offers stronger protection, it will limit how the app functions, prioritizing safety over convenience.
WhatsApp Joins “Lockdown” Trend
With the introduction of Strict Account Settings, WhatsApp becomes the third major tech platform to offer a dedicated high-security mode. This move reflects a broader industry push toward “lockdown-style” security features designed for users facing advanced digital threats.
Apple first launched its “Lockdown Mode” in 2022 for iPhones and Macs, which disables most message attachments, limits FaceTime calls, and restricts web browsing features. Google followed suit with its “Advanced Protection Mode” for Android, which restricts sideloaded apps and tightens account access. Like its rivals, WhatsApp’s new feature prioritizes safety, resulting in a more restrictive user experience, according to TechRepublic.
Amidst Renewed Security Scrutiny
The launch of Strict Account Settings comes at a time when WhatsApp’s security claims are under heightened scrutiny. A lawsuit filed in San Francisco federal court alleges that Meta can access WhatsApp messages despite the company’s assurances of end-to-end encryption. Public figures, including Tesla and X owner Elon Musk, have also publicly claimed that “WhatsApp is not secure,” urging users to switch to alternative platforms. Telegram founder Pavel Durov similarly questioned WhatsApp’s security posture in 2026.
In response to these allegations, WhatsApp head Will Cathcart firmly rejected the claims, stating that encryption keys are stored on users’ devices, not on Meta’s servers, making it impossible for the company to read messages. He reiterated that WhatsApp cannot access private conversations and that its end-to-end encryption remains intact, as reported by MacRumors.
Under the Hood: Technical Security Enhancements
Beyond user-facing features, Meta has also quietly strengthened WhatsApp’s backend security infrastructure. The company has replaced its older C++ media processing library with Rust, a programming language renowned for its memory safety features and ability to prevent common vulnerabilities. This technical upgrade helps validate media file formats more rigorously, reducing the risk posed by maliciously crafted files and enhancing protection against spyware, according to Dig.Watch.
The introduction of Strict Account Settings underscores a significant shift in how major tech platforms approach user security, moving beyond default protections to offer specialized, albeit more restrictive, safeguards for individuals at elevated risk. This development reflects both growing digital threats and increased public demand for transparency and control over personal data, pushing companies like Meta to adapt their offerings in a rapidly evolving cyber landscape.