Much like most mobile applications, Instagram also comes with a Two-Factor Authentication (2FA) feature as an added layer of security for its users. At this current time, the Facebook-owned photo sharing platform allows its users to verify their identity with that method via an authentication app, SMS, login requests and backup codes. It appears that it may soon add WhatsApp as an option for 2FA as well, according to a recent finding.
As pointed out by software reverse engineer Alessandro Paluzzi via Twitter, a new toggle to include the private messaging service for 2FA is found in Instagram’s Security page under the Settings menu. Upon activating it, users will be directed to a screen where the app will request for the same phone number that they’ve registered to WhatsApp in order to send the verification code.
The latter step is necessary as there’s currently no direct connection between the two platforms, therefore the only way for Instagram to send you the code is by requesting your phone number. This would be an issue for those who do not wish to share this particular contact information with the platform, especially if they’ve not done so already via their main Facebook account. But fortunately, users are not restricted to rely on WhatsApp for authentication as this is provided as an option rather than a requirement.
#Instagram is working on the possibility of receiving authentication codes (2FA) on #WhatsApp 👀 pic.twitter.com/OeNwHZRArm
— Alessandro Paluzzi (@alex193a) May 22, 2021
It is uncertain on how WhatsApp will provide the 2FA codes once users have submitted their phone numbers. Since it’s still within development, the feature (or a working version of it) may not be available on the private messaging platform just yet.
As with most discoveries of new features by Paluzzi or other reverse engineers, it is not known when Facebook is planning to implement this approach on either of its subsidiary platforms. Chances are, it’ll likely be pushed out to both Android and iOS versions of Instagram and WhatsApp once it exits development and also testing phases.
