If you installed WhatsApp on an Android device for example, your password is likely to be an inverse of your phones IMEI number with an MD5 encryption thrown on top of it (without salt).
How does OP know this? Was there a leak of "passwords" or did he find this through trial & error?
Edit: Just found out that's what it says even on the Wikipedia entry about WhatsApp[1].
You can convert .dex files back to .class files, and then use a java decompiler. Not all functions will be properly decompiled but overall it's still quite good. Knowing this, reversing Android apps is actually a lot easier.
How does OP know this? Was there a leak of "passwords" or did he find this through trial & error?
Edit: Just found out that's what it says even on the Wikipedia entry about WhatsApp[1].
[1]: http://en.wikipedia.org/wiki/WhatsApp