AT&T is getting serious about hackers who try to listen in on other people’s voicemail by requiring new subscribers to set up Password Protect so they aren’t as vulnerable to hackers.

The new policy, announced in a blog post on Friday, applies when a new subscriber or new line is added to an existing account. Starting early next year, AT&T will set the default voicemail setting to Password Protect anytime a customer upgrades or changes their handset, meaning anytime a customer gets a new device, he or she will be required to set a password and use it unless they affirmatively turn the feature off.

Chief Privacy Officer Bob Quinn said the company has long encouraged subscribers who have concerns about voicemail privacy to establish passwords and to set their voicemail preferences to require the use of a password whenever voicemail is accessed. Over a transition period, all customers will ultimately have the default setting on their voicemail turned to Password Protect, but they will still have the option of disabling the feature if they prefer not to enter a password when they call voicemail from their own handset.

“We wish that we did not have to make this change,” he wrote. “While there may be legitimate reasons for a caller to mask their phone number, broadly available commercial spoofing technology is wide open to misuse. As in so many other situations, it is the misuse of the technology rather than the technology itself that is the problem.”

AT&T is stopping short of actually prohibiting customers from accessing voicemail unless they use a password, saying it wants subscribers to make the choice. But it does recommend choosing the password option.

Rival Verizon Wireless requires customers to enter a password to retrieve their voicemail, whether it be from the phone itself or another phone. Security experts advise setting passwords that are not easily guessable.