Oh boy, if this report is true, WhatsApp is using your IMEI numbers as passwords. It could result in hackers hijacking your WhatsApp, or spoofing/intercepting your messages. It uses a phone number for a username and a modified version of the IMEI number, inverted with an MD5 hash, and although that’d seem secure enough to you, Sam Granger, a web developer, notes that he could hack in to his friend’s account and send and receive messages using technique(s) he mentions on his blog. Of course, he had the permission from his friend.
So what’s the username and password? Your phone number is the username, and the password is your IMEI number. Although it’s encrypted to an extent, Granger notes that it’s not difficult to find that bit of information as well.
That’s the Android version of the app. The Symbian version stores all this information is plain-text. If you have a Symbian device and WhatsApp installed, you might be aware of a WALogs folder. It should be sitting in the root of your Memory Card, or the phone memory (if you don’t have a memory card installed).