Using a Signal Phone without sharing your personal phone
HOW I GOT A TRULY ANONYMOUS SIGNAL ACCOUNT
Yes, you can use Signal without sharing your personal phone number. Here’s how I did it.
THE MESSAGING APP Signal is described by security professionals as utilizing the gold standard of cryptography. Unlike many competitors, its default is end-to-end encryption — and on top of that, the app minimizes the amount of information it stores about users. This makes it a powerful communication tool for those seeking a private and secure means of chatting, whether it’s journalists and their sources, activists and human rights defenders, or just ordinary people who want to evade the rampant data-mining of Big Tech platforms.
Signal continues to introduce privacy-enhancing features such as usernames that can be used in lieu of phone numbers to chat with others — preventing others from finding you by searching for your phone number. But the app still requires users to provide a working phone number to be able to sign up in the first place.
For privacy-conscious individuals, this can be a problem.
In response to subpoena requests, Signal can reveal phone numbers. Relying on phone numbers has also led to security and account takeover incidents. Not to mention that the phone number requirement costs Signal more than $6 million annually to implement.
Signal insists on its site that phone numbers are a requirement for contact discovery and to stymie spam. (Signal did not respond to a request for comment). Other encrypted messaging platforms such as Session and Wire do not require phone numbers.
There are someways around Signal’s phone number policy that involve obtaining a secondary number, such as using temporary SIM cards, virtual eSIMs, or virtual numbers. But these approaches involve jumping through hoops to set up anonymous payment measures to procure the secondary numbers. And sometimes they don’t work at all (that was my experience when I tried using a Google Voice number to sign up for Signal).
I wanted a way to get a Signal account without leaving any sort of payment trail — a free and anonymous alternative. And thus began my long and tedious journey of registering Signal with a pay phone.
Finding a Pay Phone
The first step was actually finding a pay phone, a task which is dismally daunting in 2024.
The Payphone Project lists around 750,000 pay phones, but after attempting to cross-check a sampling of the hundreds of alleged pay phones in my town with Google Street View and Google Earth satellite images, I came to the quick realization that the list was woefully outdated. Many of these phones no longer exist.
A Google Maps search for pay phones in my area brought up of a half-dozen pins. Using Street View, I found that four locations seemed to have something resembling a pay phone box. Trekking out to them, however, revealed that one no longer had a pay phone, though discoloration of the store façade revealed the precise spot the pay phone used to be; another pay phone looked like it had been the victim of a half-hearted arson attack; the third and fourth lacked dial tones.
Asking on a community subreddit resulted in suggestions that once again led me to places without any working pay phones, or posts berating me for needing a pay phone in 2024 and inquiring about the legality of the endeavors I wished to pursue which would necessitate pay phone usage.
Failing at finding a functional pay phone through a systemic approach, I resorted to brute opportunism — keeping my eyes peeled for pay phones as I went through the dull drudgery of a modern life made ever bleaker by the lack of public phone access.
A Working Pay Phone, That Is
I didn’t just need to find a working pay phone — no small feat in 2024. I also needed to find one able to receive incoming calls, so I could get Signal’s activation message.
On a recent visit to Tampa, where I travel annually to discuss security matters and set things on fire, I spotted a pay phone while leaving Busch Gardens. Picking up the receiver, I was delighted to hear the telephonic equivalent of a pulse: a dial tone.
Now that I had a phone with a dial tone, the next step was to test whether it could receive incoming calls. This is because Signal’s registration process requires a phone number that can either receive a text message or a verification call.
To test whether a pay phone can receive incoming calls, you need to know one thing: the pay phone’s own phone number. Some pay phones reveal their numbers on the phones themselves, but not always.
If the number isn’t listed on the phone — it wasn’t in this case — there’s a workaround that doesn’t involve a paper trail leading back to your cellphone. Use the pay phone to call what’s known as an ANAC (automatic number announcement circuit), which provides an ANI (automatic number identification) service. In other words, it’s a phone number you can call which then reads out the phone number you are calling from. Lists of ANAC numbers have been bantered about for years, though like pay phone lists, almost all are now defunct.
One stalwart ANAC number that has withstood the test of time for over 30 years, however, is 1-800-444-4444. Feel free to try it. Call the number, and it should read yours back to you.
Back at Busch Gardens, I rang up the ANAC and had a number read back to me. The next and final step was to test whether the number actually accepted incoming calls. Unfortunately, when I called the number the ANAC line had read back to me, I reached the Busch Gardens main line, asking me to enter my party’s extension. In other words, this wasn’t actually the pay phone’s number, it was just the general theme park number.
Days later, during a layover on my trip home from Tampa, I noticed a small bay of pay phones at a small regional airport. I repeated the above rigamarole, and lo and behold, when I called the pay phone’s number from the neighboring pay phone, I was able to answer and talk to myself. Finally, success.
I took out a burner phone on which I wanted to set up Signal, which had no SIM or eSIM of any kind, and proceeded to enter the pay phone’s phone number when setting up Signal. Signal first insists on attempting to send a verification code via an SMS text message, so you have to initially go through that fruitless route. But after a few minutes, you can then select the option to receive the verification code via a voice call.
Moments later, the pay phone rang, and I was finally able to set up a Signal account.
The next and final step was to set up a PIN and enable a registration lock so that someone else wouldn’t be able to take over the account by going to the same pay phone and registering their own version of Signal with that same number. The registration lock expires after a week of inactivity, so you also have to keep using the Signal account. It took a while, owing to Signal’s onerous registration requirements coupled with the increasing lack of public phone access, but in the end I proved there is a way to use Signal with an untraceable phone number.
A Step-by-Step Guide
Obtain a phone. It doesn’t need to have an active phone number associated with it, and can be either an old phone you have around or a dedicated burner phone.
Locate a pay phone.
Find the pay phone’s phone number (call 1-800-444-4444 if it’s not written on the phone).
Make sure the pay phone can receive incoming calls.
Enter the pay phone number into Signal, and use the ‘Call me’ option to receive a verification call (this option shows up only after the SMS timer runs out).
Input the confirmation code, set up a PIN and enable Registration Lock in the Signal app.
SIGNAL’S NEW USERNAMES HELP KEEP THE COPS OUT OF YOUR DATA
Ephemeral usernames instead of phone numbers safeguard privacy — and makes Signal even harder to subpoena.
an assistant U.S. attorney issued a subpoena to Signal demanding that the messaging app hand over information about one of its users. Based on a phone number, the federal prosecutors were asking for the user’s name, address, correspondence, contacts, groups, and call records to assist with an FBI investigation. Two weeks later, the American Civil Liberties Union responded on behalf of Signal with just two pieces of data: the date the target Signal account was created, and the date that it last connected to the service.
That’s it. That’s all Signal turned over because that’s all Signal itself had access to. As Signal’s website puts it, “It’s impossible to turn over data that we never had access to in the first place.” It wasn’t the first time Signal has received data requests from the government, nor was it the last. In all cases, Signal handed over just those two pieces of data about accounts, or nothing at all.
Signal is the gold standard for secure messaging apps because not only are messages encrypted, but so is pretty much everything else. Signal doesn’t know your name or profile photo, who any of your contacts are, which Signal groups you’re in, or who you talk to and when. (This isn’t true for WhatsApp, Telegram, iMessage, and nearly every other messaging app.)
Still, one of the main issues with Signal is its reliance on phone numbers. When activists join Signal groups for organizing, they’ve been forced to share their phone number with people they don’t yet know and trust. Journalists have had to choose between soliciting tips by publishing their private numbers to their readers — and therefore inviting harassment and cyberattacks — or setting up a second Signal number, a challenging and time-consuming prospect. Most journalists simply don’t publish a Signal number at all. That’s all about to change.
With the long-awaited announcement that usernames are coming to Signal — over four years in the making — Signal employed the same careful cryptography engineering it’s famous for, ensuring that the service continues to learn as little information about its users as possible.
“Doing it encrypted is the boss level. We had to change fundamental pieces of our architecture.”
“Doing it encrypted is the boss level,” said Meredith Whittaker, president of the nonprofit Signal Foundation, which makes the app. “We had to change fundamental pieces of our architecture.”
If Signal receives a government request for information about an account based on an active username, Signal will be able to hand over that account’s phone number along with its creation date and last connection date. So being able to use Signal through usernames doesn’t mean your phone number becomes subpoena-proof — at least not without using the new ability to change your username at will.
That’s because the new Signal usernames are designed to be ephemeral. You can set one, delete it, and change it to something else, as often as you want.
Signal usernames are supported in the latest versions of the Signal desktop and mobile apps— make sure to update your app, in case you’re using an older version. My username is micah.01, if you want to drop me a message.
Signal’s New Phone Number Privacy
With the new version of Signal, you will no longer broadcast your phone number to everyone you send messages to by default, though you can choose to if you want. Your phone number will still be displayed to contacts who already have it stored in their phones. Going forward, however, when you start a new conversation on Signal, your number won’t be shared at all: Contacts will just see the name you use when you set up your Signal profile. So even if your contact is using a custom Signal client, for example, they still won’t be able to discover your phone number since the service will never tell it to them.
You also now have the option to set a username, which Signal lets you change whenever you want and delete when you don’t want it anymore. Rather than directly storing your username as part of your account details, Signal stores a cryptographic hash of your username instead; Signal uses the Ristretto 25519 hashing algorithm, essentially storing a random block of data instead of usernames themselves. This is like how online services can confirm a user’s password is valid without storing a copy of the actual password itself.
“As far as we’re aware, we’re the only messaging platform that now has support for usernames that doesn’t know everyone’s usernames by default.”
“As far as we’re aware, we’re the only messaging platform that now has support for usernames that doesn’t know everyone’s usernames by default,” said Josh Lund, a senior technologist at Signal.
The move is yet another piece of the Signal ethos to keep as little data on hand as it can, lest the authorities try to intrude on the company. Whittaker explained, “We don’t want to be forced to enumerate a directory of usernames.”
To prevent people from squatting on high value usernames — like taylorswift, for example — all usernames are required to have a number at the end of them, like taylorswift.89. Once you’ve set a username, other Signal users can start a conversation with you by searching for your username, all without learning your phone number.
Since usernames are designed to be ephemeral, you can set a new username specifically for a conference you’re attending, or for a party. People can connect with you using it, and then you delete it when you’re done and set it to something else later.
There are some cases you might want your username to be permanent. For example, it makes sense for journalists to create a username that they never change and publish it widely so sources can reach out to them. Journalists can now do that without having to share their private phone number. It makes sense for sources, on the other hand, to only set a username when they specifically want to connect with someone, then delete it afterward.
You can also create a link or QR code that people can scan to add you as a contact. These, too, are ephemeral. You can send someone your Signal link in an insecure channel, and, as soon as they contact you, you can reset your link and get a new one, without needing to change your username.
Finally, while you’ll still need a phone number to create a Signal account, you’ll have the option to prevent anyone from finding you on Signal using your phone number.
Can Signal Hand Over Your Phone Number Based on a Username?
Whenever Signal receives a properly served subpoena, they work closely with the American Civil Liberties Union to challenge and respond to it, handing over as little user data as possible. Signal publishes a post to the “Government Requests” section of their website (signal.org/bigbrother) whenever they’re legally forced to provide user data to governments, so long as they’re allowed to. Some of the examples include challenges to gag orders, allowing Signal to publish the previously sealed court orders.
If Signal receives a subpoena demanding that they hand over all account data related to a user with a specific username that is currently active at the time that Signal looks it up, they would be able to link it to an account. That means Signal would turn over that user’s phone number, along with the account creation date and the last connection date. Whittaker stressed that this is “a pretty narrow pipeline that is guarded viciously by ACLU lawyers,” just to obtain a phone number based on a username.
Signal, though, can’t confirm how long a given username has been in use, how many other accounts have used it in the past, or anything else about it. If the Signal user briefly used a username and then deleted it, Signal wouldn’t even be able to confirm that it was ever in use to begin with, much less which accounts had used it before.
If the Signal user briefly used a username and then deleted it, Signal wouldn’t even be able to confirm that it was ever in use to begin with.
In short, if you’re worried about Signal handing over your phone number to law enforcement based on your username, you should only set a username when you want someone to contact you, and then delete it afterward. And each time, always set a different username.
Likewise, if you want someone to contact you securely, you can send them your Signal link, and, as soon as they make contact, you can reset the link. If Signal receives a subpoena based on a link that was already reset, it will be impossible for them to look up which account it was associated with.
If the subpoena demands that Signal turn over account information based on a phone number, rather than a username, Signal could be forced to hand over the cryptographic hash of the account’s username, if a username is set. It would be difficult, however, for law enforcement to learn the actual username itself based on its hash. If they already suspect a username, they could use the hash to confirm that it’s real. Otherwise, they would have to guess the username using password cracking techniques like dictionary attacks or rainbow tables.
Why Does Signal Require Phone Numbers at All?
Signal’s leadership is aware that its critics’ most persistent complaint is the phone number requirement, and they’ll readily admit that optional usernames are only a partial fix. But because phone numbers make it simpler for most people to use Signal, and harder for spammers to make fake accounts, the phone number requirement is here to stay for the foreseeable future.
Signal doesn’t publish how many users it has, but the Android app boasts over 100 million downloads. It has achieved this scale largely because all you need to do is install the Signal app and you can immediately send encrypted messages to the other Signal users in your phone’s contacts — based on phone numbers.
“You reach a threshold where you’re actually reducing privacy.”
This ease of use also makes Signal more secure. If Signal removed phone numbers, making it more difficult for Signal users to find each other compared to using alternative messaging apps, there could be a price to pay. “You reach a threshold where you’re actually reducing privacy,” Whittaker said. She gave an example of a person who faces severe threats and normally maintains vigilance but whose mother is only on WhatsApp because she can’t figure out the numberless Signal. The high-threat person would be stuck using the less secure option more often.
Requiring phone numbers also makes it considerably harder for spammers to abuse Signal. “The existence of a handful of small apps that don’t really have a large scale of users, that don’t require phone numbers, I don’t think is proof that it’s actually workable for a large-scale app,” Whittaker said.
It’s entirely possible to build a version of Signal that doesn’t require phone numbers, but Whittaker is concerned that without the friction of obtaining fresh phone numbers, spammers would immediately overwhelm the network. Signal engineers have discussed possible alternatives to phone numbers that would maintain that friction, including paid options, but nothing is currently on their road map.
“That’s actually the nexus of a very gnarly problem space that I haven’t seen a real solution for from any alternatives, and we would want to tread very, very cautiously,” Whittaker said. “There’s one Signal. We’re the gold standard for private messaging, and we have achieved critical mass at a pretty large scale. Those things couldn’t easily be recreated if we fuck this up by making a rash decision that then makes it a spammy ghost town. That’s the concern we’re wrestling with here.” source
