WhatsApp has buckled up its security and rolled out two step authentication for all of its 1.4 billion users around the world for Windows Android as well as IOS. The messaging giant had started work on this security feature back in November last year.

WhatsApp’s 1.2 billion users now have access to one of the best safeguards any online service can offer: two-step verification.

This security measure, which requires an extra security code in addition to a password, has long been offered by Apple, Google, Facebook, Twitter, Microsoft and most other major online companies, services and banks. (Among the exceptions are Amazon and AOL.) Also known as two-factor authentication (2FA) or, in Facebook’s case, “login approvals,” the feature began rolling out to users Friday on WhatsApp’s iOS, Android and Windows apps.

How to enable this feature?!

To turn it on, open the messaging app, tap Settings, then Account, and then Two-Step Verification. WhatsApp also asks you for your email address, so that it can send you a link that lets you disable two-step verification in case you forget the six-digit code. You can skip this step, but you shouldn’t: If you forget your passcode and don’t have a disable link, you’ll need to wait seven days from the last time you used WhatsApp to get back in.

“After these 7 days, your number will be permitted to re-verify on WhatsApp without your passcode, but you will lose all pending messages upon re-verifying—they will be deleted,” WhatsApp said in a blog post announcing the new security feature. “If your number is re-verified on WhatsApp after 30 days of last using WhatsApp, and without your passcode, your account will be deleted and a new one will be created upon successfully re-verifying."

Two-step verification is an extra layer of security, and can prevent people who steal your password from gaining access to your account. It should be used wherever possible. But using it doesn’t make you completely hacker-proof. There are many ways that people with the right motivation and skills can gain access to online accounts.