mpol writes "In the past WhatsApp has been hightly critisized over their insecure use of the XMPP messaging protocol. Recently new versions of their app have incorporated encryption.
It seems the trouble isn't over yet for WhatsApp and its users. Sam Granger writes on his blog that WhatsApp is using IMEI numbers as passwords. This is at least the case with the Android app, but other platforms are probably using similar methods.
Since it is easily readable what someone's IMEI number is, this isn't really secret information that should be used for authentication.
In the wake of the Apple/FBI UDID fiasco, will we see lists with phone numbers and IMEI numbers appear on the net?"
Link to Original Source