Protective measures for your Facebook account
1. The key is strong and genuine password
The desirable strength of password could be defined by
- using at least 10 characters
- using at least 1 capital letter
- using at least one specific character or symbol, e.g. (?. *, +)
The password could be changed anytime following – Settings>> Security and Login >> Change password >> Edit.
Recommendation: When logging in, a browser usually requests permission to store password. Despite being it more convenient option, it is not optimal for security purposes. Malware and viruses usually do not have problem do dig up saved passwords in browser´s cache and sent them to attacker.
2. Activating alerts about unrecognized logins
Unrecognized logins alerts is a service that notifies user by (fb) notification, e-mail or SMS about login on computer or other device, which was not used before. It could mean that account was compromised and somebody has logged to user´s account behind his back to abuse the account.
Alerts could be activated in account settings – Security and Login >> Get alerts about unrecognized logins >> Edit.
3. Activating two-factor authentication
This service provides additional layer of security. When user attempts to login from unrecognized (firstly used) device, it will prompt to enter additional numerical code. This code could be obtained by following means:
- Receiving a text message on user set mobile number – this service could be charged though
- If you own iOS or Android device, there is an fb app called Code Generator available for free. Serves basically the same purpose as SMS code, generating numerical code to be entered upon request.
Service could be activated in account settings – Security and Login >> Use two-factor authentication
4. Recognized devices
From time to time, it is beneficial to check the list of recognized devices for your account. It is advisable to remove those devices, that you do not usually use or not at all.
Recognized devices could be managed in account settings – Security and Login >> Use-two factor authentication >> Authorized Logins >> Edit
5. Current logins
FB provides list of your current logins. If you spot any suspicious, unknown devices or places, terminate the login by clicking on Log out.
Pending connections are revisable in account settings – Security and Login >> Where you´re logged in
6. Using secure https protocol
Although Facebook should use https protocol by default, it is preferable to check it each time in upper left corner of the browser. HTTPS is secure hypertext transfer protocol. It provides secure data exchange and therefore considerable security against data hacking.
7. Few basic rules to follow when using Facebook social network:
Do not use identical passwords for different applications. The password should be genuine for each account or system.
Beware of fake links
Social networks are usual targets for various types of viruses. One of the most used ways is friend sending you a short message with link included. If there is a suspicion that something unusual is sent or the language of message does not fit, do not click the attached link. You would risk downloading virus to your device.
Recommendation: If you happen to click such link and therefore you downloaded some suspicious file to your pc, remove that file immediately. Furthermore, scan your PC with anti-virus software. There are many available for free, e.g. Avast, Microsoft Security Essentials or free online scanner by ESET.
Phishing risk
Phishing is targeted activity, when fraudster aims to get your passwords or other data directly from you. Goal is usually to commit money fraud or something similar. It is recommended not to click on any suspicious links or to fill your login data in any suspicious forms or pop-up windows.
Privacy control
It is important to control your privacy when using social networks. Facebook allows you to quickly configure which info are publicly available, who can contact or search you.
You could set all aspects of privacy in account settings – Privacy >> Privacy Settings and Tools
Beware of statuses and information you willingly provide about yourself
(e.g. when you are leaving for two-week holiday abroad or you are in car with photo and location attached, some malfunction at home or similar)
See also:
Securing your Google account