According to Whatsapp Two-step verification is an optional feature that adds more security to your account. When you have two-step verification enabled, any attempt to verify your phone number on WhatsApp must be accompanied by the six-digit PIN that you created using this feature.
Upon enabling this feature, you can also optionally enter your email address. This email address will allow WhatsApp to send you a link via email to disable two-step verification in case you ever forget your six-digit PIN, and also to help safeguard your account.
Whatsapp do not verify this email address to confirm its accuracy. If you have two-step verification enabled, your number will not be permitted to reverify on WhatsApp within 7 days of last using WhatsApp without your PIN.
Thus, if you forget your own PIN, but did not provide an email to disable two-step verification, even you will not be permitted to reverify on WhatsApp within 7 days of last using WhatsApp.
After these 7 days, your number will be permitted to reverify on WhatsApp without your PIN, but you will lose all pending messages upon reverifying – they will be deleted. If your number is reverified on WhatsApp after 30 days of last using WhatsApp, and without your PIN, your account will be deleted and a new one will be created upon successfully reverifying.
To enable two-step verification, open WhatsApp > Settings > Account > Two-step verification > Enable.
This feature tries to provide better security features but however might be not easily managed as well.
1. Annoying passcode remembering exercises
Just like annoying pop-ups, WhatsApp’s two-step verification once enabled, may periodically ask users to enter the passcode in trying to help users to remember it. Unfortunately, there is no method to disable this nagging prompt without turning off two-step verification altogether. So much for safety.
2. Mail trail or trouble?
Two step verification feature provides an option to assign an email address for recovery purposes. But it is not mandatory. So if a user forgets to assign an email address, he/she will have no way to recover the forgotten password without entering an email address for the next seven days from the last time the app has been used.
3. Mail verification and exposed to promotions
WhatsApp, in case you provide an email address to activate the two-step verification, doesn’t verify the email address and hence opens the window for pranksters. The company may not be able to figure out if a user is providing a genuine email address however that might backfire on the user.
Even though the email id is not verified, there are chances of being exposed to unwanted clutter of promotional messages and security threats.
4. Risk of deletion of chats post re-verification
The process brings with itself a risk of chats deletion. Once a user reverifies his/her account after 7 days without a passcode, then that user will lose all pending messages upon re-verifying – they will be deleted.
Also, if a user reverifies his number on WhatsApp after 30 days of last using WhatsApp, and without a pass-code, that particular account will be deleted and a new one will be created upon successfully re-verifying.