Skip to content

Whisper Links

Last Updated
8/10/2021
Category
Sharing & Permissions
Related patterns
  • QR code verification View
Propose a change
Edit on GitHub

The Design Problem

In a peer-to-peer application, two devices are able to connect their computers and share content directly. However, stabilizing that initial connection can be challenging.

The Design Solution

One user creates a code that can be shared with the other easily using another communication channel. The code should be short and human-pronounceable, using a phonetically-distinct word list.

Consider using a URI protocol handler link (e.g., myapp://) so that when clicked on, your application will automatically open.

Examples

Why Choose Whisper Links?

When you want to establish a connection between two users for common use cases where there is a human-mediated communication channel (such as text, chat, or phone call) already in progress.

If using a word list, localize it. In other words, use a word list language that is the same as the user’s chosen language.

Allow users to create their own whisper links.

Consider only allowing a certain number of failed attempts to protect against spammers and brute-force attacks. See password-authenticated key agreement for more implementation details.

This could be used in conjunction with QR code verification if two users are able to share an image or are in the same physical location.

Use longer lengths for higher security use cases and shorter lengths for links intended to be publicly accessible. The longer the code, the less likely it is that an attacker could randomly guess the whisper link and connect to an unauthorized computer. However, longer links may be more difficult to copy and remember.

When users are able to choose their own whisper links, it’s possible they will choose names that are easy to guess. Consider implementing a “bad meeting name detector” which tells users when their link could be hijacked by an suspicious third-party attacker.

The Take-Away

Whisper Links make it easy to share information quickly between two trusted users.

References & Where to Learn More

What Three Words maps every 3x3m location on earth to three words! This is how powerful three words alone can be.

Want to propose a change? Edit Whisper Links on GitHub