End-to-end encryption is not the default option in Telegram

Telegram

Well-known member
  • Sep 26, 2017
    611
    517
    93
    8
    Sri lanka
    telegram.org
    Do you know that Telegram has end-to-end encryption but it's not a default option? You need to enable it. Here you can learn how to do it.

    Telegram security and privacy tips​

    We explain why secret chats in Telegram are a must, and how to configure security and privacy.
    1611301037937.png

    Facebook’s WhatsApp recently updated its privacy policy, causing many disgruntled users to switch to rival messengers, among them Telegram. Thanks largely to this exodus, Telegram added 25 million new users in just a few days, pushing its user base over the 500 million mark.

    That makes this the perfect time to talk about Telegram’s security and privacy.

    End-to-end encryption is not the default option in Telegram​

    The first thing to know about Telegram is that Cloud chats, as Telegram calls its standard chats, are not end-to-end encrypted. (Here’s why end-to-end encryption is important for privacy.)

    In a nutshell, the absence of end-to-end encryption means Telegram has access not only to metadata (who you wrote to, when, how often, and so forth), as WhatsApp does, but also to the contents of standard chats with no end-to-end encryption. According to Telegram’s privacy policy at the time of this writing, the data is not used for advertising purposes. However, as we know from experience, policies can change.

    How to enable end-to-end encryption for secret chats in Telegram​

    Telegram does have end-to-end encryption — you just need to enable it. Telegram calls chats with end-to-end encryption enabled Secret chats.

    In secret chats, text messages, pictures, videos, and all other files are sent using end-to-end encryption. That means only you and the recipient have the decryption key, so Telegram cannot access the data.

    Moreover, the contents of secret chats are not stored on Telegram’s servers. Because secret chats are saved only on the devices of chat participants, they cannot be accessed from another device — and they disappear when you log out of Telegram or delete the app.

    Secret chats are available in Telegram’s iOS, Android, and macOS apps. The Web version and Windows app do not support secret chats; they cannot ensure secure storage of chats on the device.

    How to create a secret chat in Telegram​

    Current versions of the Telegram apps do not make the secret chat feature easy to find.

    To create a secret chat, you need to open the profile of your chat partner, tap or click the three-dot button (sometimes called More, sometimes not), and select Start Secret Chat.

    How to enable end-to-end encryption in Telegram: Starting a secret chat
    How to enable end-to-end encryption in Telegram: Starting a secret chat
    That opens a chat in which end-to-end encryption is applied to messages (a notification to that effect appears in the chat window at the start). You can also set the time after which messages will be deleted by tapping or clicking the clock icon in the message input box.

    Set up a timer in Telegram's secret chats to delete messages automatically
    Set up a timer in Telegram’s secret chats to delete messages automatically
    Of course, the automatic deletion of messages doesn’t prevent your chat partner from taking screenshots, but if they do, you will be notified about it in the chat. The one exception is if the other person is using the macOS app; in that case you won’t get a notification.

    Here’s another handy tip: Telegram allows multiple secret chats with the same person. Group chats cannot be secret, however, unlike in WhatsApp, which applies end-to-end encryption to all chats by default.

    How to know if a chat is end-to-end encrypted: The padlock icon​

    Because Telegram chats can be either cloud or secret, in some cases it is important to know which type you are using. If a chat contains sensitive information, it should be secret, right?

    Yes, of course. But end-to-end encrypted chats look almost identical to regular ones. To confirm which kind you’re in, look for a padlock icon next to the name or phone number of your chat partner. If it’s there, the chat is secret. If not, then end-to-end encryption is off, in which case you should create a new chat.

    How to check if a chat in Telegram is end-to-end encrypted: Look for a padlock icon
    How to check if a chat in Telegram is end-to-end encrypted: Look for a padlock icon
    You can also tap or click your chat partner’s icon, and if end-to-end encryption is enabled, the words Encryption Key will appear at the bottom of the window that opens.

    How to configure Telegram security and privacy​

    While we’re at it, let’s take a moment to configure security and privacy in the app. Click the Settings button in the lower right corner of the screen and select Privacy and Security.

    Telegram security settings​

    The first step is to make sure no one can read your chats if you accidentally leave your device unlocked and unattended. To do so, select Passcode, tap or click Turn Passcode On, think up a PIN code you won’t forget, set it, and confirm.

    Next, select Auto-Lock and set a low value — 1 or 5 minutes. If your device supports fingerprint or face recognition, you can enable the option here.

    How to set up security in Telegram
    How to set up security in Telegram
    The next step is to set up two-factor authentication to protect your account against hijacking. The primary login method uses a one-time code sent by text, so Telegram lets you set a password as the second factor.

    To do so, on the Privacy and Security tab, select Two-Step Verification (Telegram’s term for 2FA), and set a strong combination. Remember that you will rarely enter this password, so it is very easy to forget; store it somewhere safe, such as in a password manager.

    What will happen if you forget that additional password? You’ll have to reset your account. In essence, that means submitting a request to remove your account completely, after which you will have to wait seven days. After a week, the account will be deleted (including associated contacts, cloud chats, and channel subscriptions) and you can create a new, completely empty account using the same phone number.


    Telegram privacy settings​

    So as not to share unnecessary details with all 500 million–plus Telegram users, configure your profile privacy appropriately. To do so, go through Telegram’s Privacy settings, changing the set values — all options and data are available to everyone by default. We recommend the following:

    • Phone Number → Who can see my phone numberNobody.
    • Phone Number → Who can find me by my numberMy Contacts.
    • Last Seen & Online → Who can see my timestampNobody.
    • Profile photo → Who can see my profile photoMy Contacts.
    • Calls → Who can call meMy Contacts (or Nobody, if you prefer).
    • Calls→ Peer-to-peerMy contacts (or Nobody, if you prefer not to share your IP address with chat partners).
    • Forwarded Messages → Who can add a link to my account when forwarding my messagesMy Contacts.
    • Groups & Channels → Who can add meMy Contacts.
    How to set up Telegram privacy
    How to set up Telegram privacy
    This is also a great time to take a look at Privacy & Security → Data Settings and remove from Telegram storage any information you do not want to be there.
     

    ACHIK

    Well-known member
  • Jun 12, 2015
    11,629
    1,908
    113
    Dane neti ayata meka godak vatinava.

    Api nam ithin den kalayaka idan ova pavichchi karanava.

    Bump
     
    • Like
    Reactions: Telegram