Saturday, March 28, 2015

Do You Use Facebook? Learn How To Secure Your Account

The last time I checked, Facebook reportedly had 1.4 billion users worldwide - an astounding number. This represents almost 20% of the global population. It dwarfs any of the other social networks, although China's QQ instant messaging network has half as many active users. Twitter checks in, down the line, with fewer than 300 million. So, Facebook has become an advertiser's dream - with all of those potential eyes. Unfortunately, it has also become a hacker's playground. Have you lost control of your Facebook account? Have you been hacked? Here are a few simple tips that will help you lock down your account.

  1. You must have a good password. Choose a password that is not used on any other account. Make it 12 characters or more, using random numbers, letters and symbols, in both upper and lowercase. Use mnemonics to help you remember your password or get a Password Manager.
  2. Don't display your email address in your Profile. Go into your Profile > Personal Information and set your email so that it is visible to "Only You".
  3. If you use a mobile phone, go into your account settings and Confirm your number. Set it so that you are the only one that can see it - visibility "Only Me". This will come in handy if you have to reset your password or if you decide to use second factor authentication (below).
  4. Turn on Secure Browsing (HTTPS). This will encrypt your credentials when you are logging into Facebook. To turn this on, go to Account Settings > Security > Secure Browsing > Edit > Browse Facebook on a secure connection > Save Changes.
  5. Turn on login notifications so you will be alerted if someone logs into your Account from a new device. Go to Settings > Security > Login Alerts > Edit, enter the details (for SMS or Email) and save the changes. You will now receive an SMS/Email each time you or someone else logs in to your Facebook account from a new device or Browser. You can indicate that a specific device is "trusted" to avoid extraneous notifications.
  6. Be cautious when using your FB account on open Wi-Fi hotspots (coffee shops, hotels, etc.) - these are "fair game" for hackers. Make sure that the FB address in your browser starts with HTTPS - indicating that you have a secure connection. Use a VPN if possible.
  7. Don't become Friends with people you do not know. These are mostly spammers or hackers who would like to gain access to your personal information.
  8. Be aware of Social Engineering Attacks - someone impersonating Facebook trying to get your credentials. This can occur within Facebook or you may receive an email with a link taking you to a fake FB site. Don't click on the link; delete the email.
  9. If you MUST log in to FB on a public computer (one that you do not own), turn on Incognito in the Browser to prevent the computer from storing your login information.
  10. Finally, if you want to take FB security to another level, you can enable 2nd factor authentication on your Facebook Account. Be advised that additional security always comes with less convenience and this step can be cumbersome. So, how does it work? We generally have 3 methods of authentication: "What You Know" (login & password), "What You Have" (mobile phone or tablet), "What You Are" (biometrics, fingerprint, eye scan). Facebook's implementation of 2nd factor Authentication is called Login Approvals. When you attempt to log in to your account from a New Browser you will have to supply the 1st factor (login credentials) and the 2nd factor (a unique code from your mobile device). Generally, a "bad guy" would need to know your login credentials and, in addition, have possession of your mobile device, to gain access to your account. Obviously, this is much more secure, but a little less convenient for you - the account owner. Fortunately, you can indicate that specific Browsers and computers are "trusted" to prevent redundant authentications. The 2nd factor codes can be generated by the receipt of a text message (SMS) or via a Facebook Mobile App. Second Factor Authentication (Login Approvals) can be set up within the Security Settings on your Facebook Account.

What do you do if your Facebook account has already been compromised? First, try to log in and change your password. If you cannot gain access go to and follow the directions to try and recover your account.