Signal usernames are here!

Martin Shelton

Principal Researcher

Header image with a graphic of Signal's "speech bubble" logo, with a pattern of silhouettes of phones in the background.
Credit: Freedom of the Press Foundation (CC BY 4.0)

It’s the Digital Security Training team at Freedom of the Press Foundation (FPF), with security news that keeps you, your sources, and your devices safe. If someone has shared this newsletter with you, please subscribe here.

In the news

This week, security nerds are dancing in the streets because Signal, the encrypted messaging app, is finally rolling out usernames. Signal has previously required users to provide their phone number as an identifier, but with this most recent update, users may instead use a username. Through massive reengineering, Signal is now able to store additional data, including information about usernames, in a secure format. By default, phone numbers will be hidden from new contacts, and users can also optionally remove their phone number from Signal’s “new contact” search. Read their blog post here.

What you can do

  • Right now these new features are in Signal’s public beta. If you want these features now, you can sign up. The beta version can sometimes be a little buggy, so fair warning. However, it’s also rolling out to the more stable “vanilla” app in coming weeks, so stay on top of downloading your app updates.
  • Signal’s default settings are already great, but if you want to dive deeper into maximizing its security benefits, read our guide to locking down Signal.

Updates from my team

  • We wrote a post on why journalists should set up Signal usernames! Check it out here.
  • To include the new changes to usernames we’ll also be updating our other Signal-related guides in the coming weeks. Stay tuned.

We are always ready to assist journalists with digital security concerns. Reach out here, and stay safe and secure out there.

Get Notified. Take Action.

Best,
Martin

Donate to support press freedom

Your support is more important than ever.

Read more about Digital Security Digest

Indicted NYC mayor forgets phone passcode

Eric Adams allegedly claimed that he had changed the passcode and told the FBI he did not remember it.

Discord boosts private call encryption

Discord announced its rollout of end-to-end encryption for voice and video calls in one-to-one and group direct messages, voice channels, and Go Live streams.

Apple seeks dismissal of NSO Group lawsuit

Apple has filed a motion to withdraw a lawsuit against NSO Group, an Israeli spyware company.