Blog/Infosec 101/

Encryption on Facebook Messenger — are your conversations private?

Apr 02, 2020

20 billion messages are sent on Facebook Messenger every month, making it the most popular messaging app in the world. You may be wondering: are these messages secured? The answer is “it depends”. Facebook offers end-to-end encryption, but it’s not enabled by default.

What is end-to-end encryption?

End-to-end encryption means that only you and the person you’re communicating with can read your messages.

When you send a message, you encrypt your data with a public key. The person on the other end then decrypts it with a private key. You don’t keep these keys in your possession — encryption happens automatically. If you type Hello to your friend and somebody intercepts your message, they would only see a long string of numbers and letters.

Is Facebook Messenger private?

By default, your messages on Messenger are not private and can be accessed by the authorities, hackers, and Facebook itself. This might come as a surprise to many people after all those personal data leaks that the company had experienced over the years. The only Facebook-owned messaging service that uses end-to-end encryption by default is WhatsApp.

You can activate encryption on Facebook Messenger by going into the secret conversation mode:

  1. Tap on any conversation or contact in Messenger.
  2. Tap the i icon in the upper-right corner.
  3. Scroll down and select Go to secret conversation.
  4. Start chatting.

The person you are texting will know that you both are in a secret conversation. But keep in mind that Facebook will only encrypt the new messages you send after turning secret mode on — the old ones will remain unencrypted.

Once you’re in secret mode, Facebook will secure your messages with end-to-end encryption. You can also choose to have secret messages be deleted 5 seconds, 1 hour, or 1 day after they are read, giving you extra security.

If you want to chat with several people in secret, you have to turn on secret mode for each conversation. It doesn’t work for group conversations, though — if you want to safely share sensitive information with a group of people, you’ll have to send it to each one separately in secret mode.

End-to-end encryption coming to all messaging services

At the moment, secret conversation mode only encrypts messages. But while there currently is no encryption option for voice and video calls, last year Facebook revealed that they were testing it. Unfortunately, it won’t affect calls in regular mode.

Mark Zuckerberg, Facebook CEO, plans to have encryption available for all Facebook messaging services in the future. Right now, only Instagram does not offer any kind of encryption. Facebook also plans to combine the functions of WhatsApp, Messenger, and Instagram to let users talk more easily with each other.

Encrypting files before sending them over Messenger

NordLocker users can encrypt their files before sending them over Messenger. This way, your data remains secure even if you don’t switch to secret mode — without your permission to access the encrypted files, no one can see what’s inside.

Elisa Armstrong

Elisa Armstrong

Verified author

Elisa’s all about languages. She speaks five, loves stand-up comedy, and is writing her first novel. Besides her extensive knowledge of cybersecurity, she’s an expert in persuasion techniques hackers use and strives to teach people how to avoid online scams.