We often talk to journalists about using Signal for secure video, voice, and text messaging. Signal offers end-to-end encryption, meaning the service can’t read the content of your conversations, and has almost no information about its users. It’s free and open source, so anyone can look at the code to see that it’s doing what is promised. And instead of exploiting your personal data, it’s supported by a nonprofit and your donations.
Now that Signal is becoming more widely adopted, we’re seeing more people than ever using group chats to talk about sensitive topics. The issue is that end-to-end encryption can’t protect you from people who are invited to these groups. Depending on the size of your group and who is present, you may need to take some extra steps to mitigate risk when speaking in groups, while still taking advantage of their benefits.
Group chat risks, and what you can do
Risk No. 1: The size of your group
How well do you know and trust everyone in a group? The larger a group gets, the more likely it is that someone unfamiliar or untrusted may be added.
Even if you trust everyone in the group, adding more people increases the risk of someone taking a screenshot that may be automatically uploaded to cloud services like Google Drive or iCloud, or the risk that a group member’s device is compromised with malware that could leak your conversations.
This doesn’t just apply to Signal. Using group chats more safely, no matter what the platform, is always a collective effort.
What you can do
- Don’t say anything you wouldn’t say to someone you don’t trust. Instead, consider inviting anyone you’d like to speak to about sensitive topics to a 1-to-1 chat, or start a smaller group with trusted contacts.
- Download security updates to minimize your collective risk of leaking conversations through malware. Encourage others in your groups to do the same. If you feel at acute risk, you can also harden your device against malware even further by enabling Lockdown Mode for your iPhone or Advanced Protection for an Android device. Note that these options will remove some functionality from your phone.
- Think carefully about which groups you want to join at all. Sometimes a group has simply gotten too big, and it might be time to leave.
Risk No. 2: Display names and photos
When you are in a group, everyone can see the display name and profile photo you set in your Signal profile. If you trust everyone in the group, great! But again, this could be an issue if you are in a group where you don’t want to be identified.
What you can do
- If you don’t want to be identified by others in the group (or their potentially compromised devices), edit your profile to set a display name and photo without identifying characteristics.
- This is important: Change your display name before joining the group. If you make the change while in the group, you will leave a record of the change. So if you don’t trust everyone in the group, you have to set the display name before joining.
Risk No. 3: Device loss or seizure
If your device is lost or stolen when it’s not locked with your passcode, of course someone could read the messages on it. Likewise, law enforcement entities are known to use forensic tools to break into seized devices, making it possible to read anything on the device, including your messages.
What you can do
This all takes minutes to set up, and you’ll feel glad you did.
- Apply long, unique passwords — ideally an alphanumeric passcode — on devices you use for Signal.
- Forensic tools work much more effectively on old and unpatched phones. It’s therefore important to keep your devices up to date, particularly if you anticipate theft or seizure.
- Unless you really need it, it’s safest to turn off your device when you anticipate a risky situation, such as when going to cover a protest. On modern Android and iPhone devices, disk encryption is enabled by default. However, it protects your data best before you type in your passcode to unlock your phone after it has been powered on. The easiest way to put your phone back into that state is to simply power it down.
- If you want to be hard core, set up a dedicated Signal screen lock to require an additional passcode or biometrics to open your Signal app.
- Set Signal notifications so that they do not reveal message contents or senders. Alternatively, you can turn notifications off altogether. Learn how to prevent notifications from being displayed on your phone’s lock screen.
- Not all conversations need to stay on your device indefinitely. You can use disappearing messages to automatically wipe unneeded conversations after a set amount of time. Note that if you are not the group administrator, you will not be able to control the disappearing message settings. Consider whether you want to stay in a group with settings that don’t make you feel comfortable.
Risk No. 4: Phone numbers
By default, Signal does not show your phone number to other users, unless they already had your phone number in their phone’s contact list. In practice, that means the risk that strangers will see your phone number is very remote, but we wanted to note it. You can also ensure no one can look you up by your phone number.
What you can do
- Double-check that no one can see or look up your phone number in Signal’s settings.
Why stop there?
Taking the above steps will meaningfully help you use Signal groups safely. To learn even more about how to maximize Signal’s privacy and security settings, read our guide to locking down Signal. While you’re at it, read our guide to mobile maintenance. As always, journalists in need of digital security assistance can also reach out to our team.