Telegram review

Mikaela Bray
Mikaela Bray | Contributing Writer
Last updated: February 3, 2021
telegram start messaging
Disclaimer: Affiliate links help us produce good content. Learn more.

Earlier this decade, encrypted chat service Telegram gained notoriety for providing a channel for the Islamic State to communicate ahead of major terrorist attacks.

Since then, it’s gained even more notoriety after cybersecurity experts suggested it may not even be that secure. Many concerns relating to Telegram are founded in the mistrust of its founder, Pavel Durov.

Durov has been a controversial figure ever since founding VK, the biggest social networking site in Russia. He has been described by former business partners as “unpredictable,” and he’s currently a fugitive of his home country after several run-ins with the Kremlin.

Where does that leave Telegram, though? In unclear territory, that’s for sure. We decided to put the software to the test to discover, once and for all, whether Telegram remains a viable option for encrypted communication or whether it has become as untrustworthy as its founder.

Protect all of your online activities
Shield your web traffic from the prying eyes of hackers, corporations, and governments with a top-rated VPN.

How to use Telegram

Telegram’s installation process is fairly painless. For mobile users, the app is available on the App Store, Google Play, and the Microsoft store. From there, all you’ll need to do is download the app to your phone and register your mobile number with the app.

Telegram’s interface essentially works like the majority of other messenger apps. There is the option to provide a username so that others can search you, although if you’re mindful of your online data privacy then this isn’t advisable – any user can search for your username and then message you through the Telegram app.

As with many other messenger systems, Telegram is also available on desktop (OS X, Windows, and Linux). However, partially because the software uses mobile numbers as identifiers, you are required to register your account via the mobile app(s) first. Telegram then sends you a verification code via SMS which will activate the app on your desktop device.

Is Telegram secure?

Unlike many other messengers, the Telegram app allows users to create a personal passcode lock. The good thing about this is that, when the app is locked, the user will never receive push notifications. The company states that this is to ensure “private data stays hidden from prying eyes.”

However, our issue with the passcode lock is that it is only four digits long. This isn’t the best form of security because a four-digit passcode can be brute-forced by a computer in under seven minutes. Telegram’s passcode lock is therefore a weak promise of security.

Two-step authentication

We were initially worried when starting the research for our Telegram review given that the initial login verification is conducted through SMS. This kind of communication is notoriously unsecure, and many users have reported that their SMS four-digit code had been intercepted and their account hacked.

Fortunately, we soon found that Telegram allows for two-step authentication, wherein a user-generated password can also be applied at the login stage. While this makes sense from a cybersecurity standpoint, it’s quite unwieldy and seems like the team behind Telegram are simply putting out fires as soon as they pop up.

Active sessions

Partially due to the two-step verification mentioned above, the Telegram app can be used on multiple devices. This can be either highly convenient or a nightmare; it’s easy to become paranoid over whether you remembered to log out of any devices that may also be used by other people – not to mention if one of those devices is stolen.

Nevertheless, Telegram has an “active sessions” feature that allows you to see which devices you are logged in on. You thus have the option to terminate any of these sessions if you really need to.

The bad thing about this, though, is if you didn’t lock a session on a device that has gone missing, then whoever gets their hands on your device can easily view your active sessions. They have the opportunity to log you out of your own account, and they also have information on your other IP addresses. In our opinion, this feature is a massive oversight on behalf of Telegram security.

Secret chats

Telegram also features the option to open what is known as “secret chats,” which make use of end-to-end encryption and self-destructing messages. The time limit on message self-destruction can be set by the user. Additionally, you can set photos to self-destruct, and the countdown for that begins as soon as the receiver opens the photograph.

In this way, Telegram is sort of like a more customizable version of Snapchat. However, we were disappointed while surveying this feature during our Telegram app review as it basically reveals that Telegram only uses end-to-end encryption during secret chats. With other instant messengers, this comes as standard.

Self-destructing accounts

We’re not sure how to view this next feature: Telegram automatically deletes your account if it has been inactive for six months. It’s understandable when considering the need for Telegram to maintain enough disk space to run the service, but certain other pieces of information we came across when researching our Telegram app review gave us serious cause for concern.

As messages on Telegram is decentralized, they have no way of accessing your messages, let alone deleting them. While this is technically good news, it’s also worth noting that the company admits they cannot remove your messages from other users’ devices (unless you enable automatic self-destruction of those messages which, again, is only available in secret chats).

What this means is that, if you simply forget to use Telegram for a while, your account could be permanently deleted, but any messages you have sent before this happens will remain in the hands of the person you sent it to. Quite simply, there are endless ways this could go wrong.

Online status

One thing we do like about Telegram is that it provides you with the option to not share your “last seen” status. This is a huge flaw with other services such as Facebook Messenger, and the fact that you’re able to toggle this can definitely improve your privacy.

Telegram troubleshooting

Telegram users are always complaining about the broken notifications system – Telegram basically neglects to notify many new users of incoming messages. This is a settings issue, and can be optimized easily enough with a bit of troubleshooting. Unfortunately, the website is very unclear about this, and thus it is easy for the uninitiated to become stuck with this problem.

Given its controversial history, Telegram is blocked in a number of territories. These include: Iran, Russia, Pakistan, Bahrain, and China. It is by far the most widely-censored instant messaging service currently on the market, which of course is a significant detractor to those who wish to use Telegram without having to consult a VPN.

How Telegram compares to other private messaging apps


Launched: 2013
Owner: Telegram Messenger LLP
Users: 200 million (monthly)
End-to-end encryption: Yes, but only in secret chats
Secret chats: Yes
Secure file sharing: No
Data storage in servers: No
Chat/Messages self-destruction: Yes, but only in secret chat
Requires mobile number: Yes
Supported platforms: Android; iOS; Windows Phone; PC; Mac; Linux


Launched: 2009
Owner: WhatsApp Inc.
Users: 1.5 billion
End-to-end encryption: Yes
Secret chats: Yes
Secure file sharing: No
Data storage in servers: Yes, but only until the message has been sent. (If the message has not been sent, it remains on the server for 30 days.)
Chat/Messages self-destruction: No
Requires mobile number: Yes
Supported platforms: Android; iOS; Windows Phone; PC; Mac

Recommended reads:

Most secure messaging apps

Leave a Reply

Your email address will not be published.

  1. Rick

    Telegram sign is about as moronic as you can get. I have been locked out again because it sent 2 codes and I enter the wrong one and after a couple of times it tells me I have too many attempts and have to try later, what kind of crap is that. Can they not set up a security question system or send an activation to your email, no these morons just lock you out, what a low level app

  2. Lukas

    Russian authorities lifted their ban on the Telegram messaging app, citing the company’s willingness to help with its counterterrorism efforts (basically meaning that Russian government can read all what you write).

    Anybody knows if Signal does the same?

    1. Seven

      Keep in mind that Telegram channels are NOT encrypted. Telegram tells you that upfront as this method is to communicate with the public at large.
      Secret chats, video and voice calls are end and encrypted.
      Standard chats are server side encrypt w/ keys geographically separated and distributed.

      Here’s the problem: Signal was created by the same spooky regime change outfits that fund the Tor Project. The money primarily comes through the federal government’s premier Internet Freedom venture capital outfit: Open Technology Fund, which works closely with the State Department’s regime change arm and is funded through several layers of Cold War CIA cutouts — including Radio Free Asia and the Broadcasting Board of Governors…Signal, like Tor, is bankrolled by the soft-power wing of the U.S. National Security State as part of a larger “Internet Freedom” initiative — an attempt to leverage the Internet and digital communication tools as a compliment to more traditional elements of psychological warfare and regime change ops. ”
      Now MTProto ” Version v2.0 is formally verified 2, meets IND-CCA criterion and uses RSA-2048, AES-256 cryptographic and SHA256 hashing primitives” which meets the…standard… you are wanting to emphasize.
      Please feel free to search the net to see the security audit of MTProto 2.0

      The main differences I see from the start are as follows:
      Signal has been verified to be funded by the U.S. Govt.
      The U.S. is part of Five Eyes.
      Signal Servers are centralized in the U.S.
      Signal runs on Amazon AWS cloud service — and Amazon is itself a CIA contractor
      So more than likely the Signal encryption protocol can be accessed by the U.S. Govt; They fund it, they own it, they control it.
      Signal is not on F-Droid

      Telegram has not be proven to be funded by any government
      Telegram headquarters is not in either Five Eyes, Nine Eyes, or Fourteen Eyes.
      Telegram Servers are decentralized and multi-geographic/multinational.
      Telegram server keys are not stored in the same geographic location as the servers
      Telegram Keys are split between 2 countries.
      Telegram is on F-Droid
      Telegram servers are to be fully open sourced this year.

  3. Lance

    Telegram’s use by terrorists in the past definitely discourages me from giving it a try, whatever secure features the program may have!

    1. Thomas

      That’s ironic considering that you still use internet when terrorists do that too, you should considered living in a cave like the old days of our humanity 😂

    2. CJ

      So you don’t use smartphones, computers or any other form of communication? Last time I checked, terrorists have used those as well.

  4. Without1957

    Sending messages that self-destruct after a time that you can determine seems like a safety feature that could be a big help with privacy. Especially if someone gets access to your phone like the police or a suspicious spouse.

  5. Joe G

    Telegram is useful but it’s far from being 100 % safe and private. But then again, are we really safe anywhere ? All apps have their weaknesses so the best thing to do is to be careful online.

  6. Michal Švec

    Telegram is an app I’d use for low-security conversations where I’m not too worried about the average person trying to hack in. To be blunt, the four-digit security code is awful and reminds me of those old bicycle locks that had three-digit security codes. Sooner or later, you were going to crack them. This doesn’t appear to be a useless program, it’s just not something you use for anything serious.

Table of Contents:
Thanks for your opinion!
Your comment will be checked for spam and approved as soon as possible.