Facebook

Got Hacked? Learn how to make your Facebook account more secure

Without a doubt, Facebook is an important part of many people's daily life. With many security issues like phishing, sold email addresses, hacked accounts, and leaked password lists - the need to keep your Facebook account safe is higher than ever before.

You can be proactive and secure your online social life. Avoid being a victim of hackers by securing your account properly. The following steps explain how to protect your Facebook account.

Quickly, why is securing your Facebook so important?

Everyone has seen the blue "Sign-in with Facebook" and "Register using Facebook"-buttons around the Internet. Many have used them. These convenient login/register options gained popularity quickly. By using these buttons, your Facebook account functions as the "login" for another website. As your Facebook becomes a crucial part of authentication, your online security becomes increasingly compromised. Any website holding access to your Facebook account can be hacked. Therefore, any hacker can easily get access to many other websites via these so-called "Social Login"-options. This makes keeping your Facebook Login information secure more important than ever before.

Example: Social Logins on Canva website

This shows the social logins on Canva.

What are the basics to keep my Facebook password safe?

The password to your Facebook account is as important as your bank card's PIN number. Your safety online depends mostly on how safe you keep your passwords. Many people link their Facebook accounts to other websites, including shopping sites. If you don't keep your password to yourself, you are running at risk of someone accessing your account and stealing your identity. Here are some tricks which will help you secure your Facebook password.

  • Create a strong password, which is at least 15 characters long, with mixed lowercase and uppercase letters, and utilize special characters. Avoid any repetitive patterns or words you can find using a dictionary or Google.

  • Do NOT share your password with anyone, ever! Avoid sharing your email address whenever possible.

  • Regularly change your password. Do not just add an incremental number at the end — people trying to steal your Facebook account will try this out and catch you off guard.

  • Do not use passwords that are easy to guess. Such as a company name, date of birth, your name, telephone numbers, license plate numbers, or any combination of these. Bruteforce dictionary attacks will crack these passwords in no time.

  • Never enter your Facebook login information (username/email address and passwords) on any site, which isn't Facebook — check the address bar to be sure. For the Facebook website, it should always contain either .facebook.com/ or /facebook.com/. Please note the leading . (dot) or / (slash) as well as the trailing slash (/). These are important criteria.

    If you enter your password on other sites, you are at risk of someone accessing vital data and acting on your behalf. Potentially scamming your friends and family using your online identity.

  • Keep your system tidy and up-to-date: Use anti-virus software. Regularly install updates for any software you are using. Ensure your system stays free from viruses and other malicious software by running regular scans.

Another great tip are password managers. These can help you keep your passwords manageable and avoid forgetting your password. Most password managers are available as locally installed software or as an online service. Some might even use a hardware system to protect your access and identity. LastPass is an established and reliable provider in the space of password managers.

Both free and commercial versions are readily available. Any of these password managers will help you secure your Facebook account by encrypting your passwords and then store them in a safe database — either locally or remotely on the server.

How to make your Facebook account more secure?

Even after a number of mistakes and problems within the tech side of the company, Facebook has done its job: hundreds of engineers have built a safe and stable platform. From here on, it's up to you to keep your Facebook account secure.

Besides the above mentioned password safety measures, you can use other security options as well to decrease your risks. For example, you can increase your security by adding your phone number to your Facebook account or by using a two-factor authentication app. A mobile app then becomes your second authentication channel for your Facebook login. More about the app later on. Alternatively, instead of using an app to authenticate yourself, you can receive a login code to your phone. Both options enhance security and are explained in the following step-by-step guide.

Step-by-Step: How to set up Two-Factor Verification on Facebook?

  1. Log in to your Facebook and click on the dropdown menu on the top-right corner of the page then select "Settings":

Select "Settings"

  1. In the left pane, click on "Security and login". Scroll down and select "Use two-factor authentication". Then click on "Get Started".

    Select "Use two-factor authentication" in the menu

  2. As mentioned in the intro, here is the point where you have to decide which one of the two authentication methods you want to use with Facebook in the future: Either your phone number or an authentication app.

    • Phone number: If you decide to use your phone, the mobile number you registered with Facebook will be used to receive authentication codes. If you haven't registered a phone number with Facebook, you get a chance in the next step. Fairly straightforward, low worries but linked to fairly insecure technology and requires a mobile number naturally. This also enables you to reset your Facebook password via your phone number later on.

      or

    • App: If you want to use the app path, ensure you have an authentication app installed on your personal mobile phone. There are a number of apps you can use with Facebook. A simple search over the iTunes or Google Play store for "2FA authenticator" will return what you are looking for. Many people are using Google's "Authenticator" app, either for Android or Apple iPhone. The following steps are based on the app as a second authenticator using Google's "Authenticator"-app.

      Once you are ready, click "Next".

      Choose a 2FA method for your Facebook account

  3. As mentioned, the following screens will vary depending on the choice in the step above. If you chose the "Authentication app" you should see the following screen.

    Scan QRCode to connect app to Facebook

  4. Launch the Google Authenticator app on your mobile. If you haven't installed it already, here again are the links for Android and iPhone. In the app, tap on the red round button near the bottom left corner.

    Set up Google Authenticator for Facebook

  5. A new window opens with two options: scan the barcode or enter the key manually. Choose whichever suits you.

    Setup Google Authenticator - Enter a provided key

  6. If you chose "Enter a provided key" then you have to manually fill in your Facebook account name and enter the secret key provided in step 4. Then click on the "ADD" button.

    Setup Google Authenticator - Manual account entry

  7. Google Authenticator app will generate a new code if the previous step is successful.

    Setup Google Authenticator - New Code is added

  8. Enter the code generated from Google Authenticator app into the Security code field. In the previous screenshot, this was the second entry in the list ("701 840") marked as Facebook below the code. There will be a check sign next to the input field if the code is correct. Click on "Confirm" to continue.

    Facebook: Set up a third-party app to generate auth-codes

    Provide your Facebook account password as prompted and then click on "Submit" to complete the process.

    Facebook: Set up a third-party app to generate codes (confirm password)

Done! Your Facebook account is now using two-factor authentication with the Google Authenticator App as a second channel/factor.

Conclusion

In the end, you need to keep your personal data safe and secure. This is in your, as well as Facebook's, best interest. Doing what is possible on your end is the minimum you should consider to protect yourself.

As much as your passwords are encrypted if you use third-party applications, you should also be careful not to expose any vital information which might lead to your personal information being compromised.

Following the two-factor verification method discussed above, you can now protect your personal information better and have a more enjoyable and secure Facebook experience.

References