Secrets Management Survival Guide

Signal

Updated 5 May 2026

Signal is an end-to-end encrypted messaging app maintained by the Signal Foundation, a non-profit. It is the baseline recommendation for secure one-to-one and group messaging.

Key settings

| Setting | Recommended value | Why |
| --- | --- | --- |
| Note to Self | Enable | Encrypted personal clipboard across devices |
| Screen lock | On | Prevents shoulder-surfing |
| Screen security | On | Hides previews in the app switcher |
| Incognito keyboard | On (Android) | Prevents keyboard from learning message content |
| Registration lock | On | Prevents SIM-swap account takeover |

Disappearing messages

Set a default timer on all new conversations. A sensible default for most people is one week; adjust per relationship. Disappearing messages do not protect against the other party screenshotting, but they reduce the value of device seizure over time.

Safety numbers

Before sending anything sensitive to a new contact, verify safety numbers out of band — by phone call, in person, or via a QR code scan. A safety-number change notification means a new device or reinstall; verify before continuing.

Limitations

Signal requires a phone number to register, which links your identity to a carrier. This is a metadata weakness. For higher-threat models, consider a VoIP number or a dedicated SIM. See the vpn-comparison entry for related network-layer considerations.