WhatsApp has started rolling out a new optional two-step verification service to its billion-plus users in a move to boost account security.

WhatsApp has been testing the feature since November, and while it doesn't work exactly like the two-factor authentication security offered by the likes of Google and Facebook, it adds a much-needed extra layer of protection to user accounts.

Just last month, it was revealed that a flaw in the way WhatsApp deals with encryption keys left users wide open to man-in-the-middle (MITM) attacks, enabling third-parties to tap their communications.

To enable the feature, you'll need to update to the latest version WhatsApp and then head over to Settings > Account > Two-step verification > and Enable.

Once this feature is turned on, users will have to enter a six-digit passcode every time they register their phone number with WhatsApp again.

WhatsApp recommends that forgetful users should probably provide it with a legit email address, otherwise you might end up locked out of your account.

Over on its FAQ page, WhatsApp explains: "We do not verify this email address to confirm its accuracy. We highly recommend you provide an accurate email address so that you're not locked out of your account if you forget your passcode.

Users who do not register an email address with WhatsApp will be able to log back into the service but will have to wait a week to do so.

WhatsApp said: "After seven days, your number will be permitted to reverify on WhatsApp without your passcode, but you will lose all pending messages upon reverifying - they will be deleted.

"If your number is reverified on WhatsApp after 30 days of last using WhatsApp, and without your passcode, your account will be deleted and a new one will be created upon successfully reverifying."