[rsaesha]

Yet SMS based authentication still is a thing. Like SIM duplication and fake bases weren't a thing.

Yikes.

[filenox]

That's why you can enable a two-step verification PIN. You're asked to provide this PIN after installing Whatsapp on a new device. https://faq.whatsapp.com/1095301557782068

[jve]

FYI It also asks PIN from time to time on the same device too. Just a small inconvenience.

[pas]

It's a reminder, right? Signal has the same feature.

[switch007]

What do you suggest as an alternative, taking in to account their 2 billion users?

[JohnFen]

Using one of the standard authenticator apps would be much better, and at least as feasible as SMS.

[UncleMeat]

The authenticator apps are just as weak as SMS against phishing, which is a gazillion times more common than sim swaps.

The authenticator apps cause loss of credentials more often because people don't back them up and then drop their phones in the toilet. The thing that makes SMS weak to sim swaps is also the thing that keeps a mountain of people from losing access to their accounts.

[rsaesha]

Sorry, that goes as paid work on my book. I'm sure you understand.

[switch007]

Ah ok just criticisms come free ;)

[rsaesha]

Correct, and valuable answers command balanced compensation.