Facebook Hacking Defense

Hi all. So it finally happened. My mother was hacked on Facebook. (I know you thought it was going to be my account, but nope...not yet.) I was alerted by a friend who thought my mother's account was hacked. I instantly called my mom and talked her through changing her password and booting any devices that were connected to her account. I told her I would write something up that would help others limit their exposure and help keep their accounts from getting hacked. So here we go...

While the key is to keep from getting hacked in the first place, it is more important to detect and quickly respond to it if/when it does happen.

Once your account is hacked, you want to change the password. Make sure you use a strong password. Better yet, use a passphrase. You can find more info about that from the video here. I also HIGHLY recommend you turn on two-factor authentication. Doing so in Facebook is very easy.

First, click the downward facing arrow on the right hand side of your screen and click settings.


Next, click Edit next to Password.


Type in your old password, as well as the new (SECURE) password. Many places will tell you that 8 characters with a mix of uppercase, lowercase, numbers, and symbols (3 of the 4) is a secure password. I suggest a minimum of 12 characters, but the longer the better. That is why passphrases are much better and easier to remember.


Now that your password is changed, go to the left and click Security.


Click Edit under Login Approvals.


Select the checkbox 'Require a security code to access my account from unknown browsers'. Once this is checked, a small "wizard" will come up to walk you through the process.


Keep in mind that if you cannot use the Code Generator (Facebook's 2-factor "app", which is essentially access to the Facebook App on your phone), they will text you the code, so make sure your number is correct in Facebook.


Facebook will send a confirmation code to the phone number on file. Just type that code in the box. (This takes a few minutes at times, so be patient.)


That's it. Login approvals (2-factor authentication) is set up. I suggest forcing the use of the code right away.


The next thing you want to do is run an account checkup. Click on the icon that looks like a lock with lines next to it on the top right of the screen and click Privacy Checkup.


Now check your settings. For posts, I suggest only allowing Friends to see what you post. (Keep in mind this does not change what has already been posted, only what you post next. Also, this can be changed per post, so be careful if you set a post to public and forget to change it back.)


Next up, your apps. Review which apps you have allowed access to your account. Apps do not need your password, and their access stays in place even through password changes. Make sure there is nothing strange going on there and modify it to what you want. For me, I set most apps to Only Me so I am not spamming my friends with posts from apps. You're welcome....


Third is Your Profile. This is info like your phone number, email address, and other personal information. I set most everything to Only Me as I don't need the world, or even my "Friends", seeing this information. Most of my friends already know this, and if they don't, they can ask me directly.


Next, click that lock icon again and select 'Who can contact me?'. I set my messages to Strict Filtering, and allow everyone to send me friend requests. (I'm just extremely picky about who I accept as friends.)


Now you will want to review other settings. Go back to the downward arrow and click Settings again. Then click Privacy on the left hand side. Review the settings and make sure that "Do you want other search engines..." is set to No.


Now click Timeline and Tagging and review the settings here. My settings are in the screenshot below, but you can choose how to set your settings.


To wrap up, to secure your Facebook account:

1. Use a strong passphrase of 12 or more characters consisting of uppercase, lowercase, numbers, and symbols.
2. If you are hacked, discover quickly and change your password as soon as possible.
3. Use 2-factor authentication to add a layer of security.

Also, I know none of you do this, but if your password for Facebook is the same as any other account, make sure you change those passwords too. (It is best to not use the same password for multiple accounts.)
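To make the password advice above concrete (the "8 characters, 3 of the 4" rule versus a passphrase of 12 or more characters), here is an added Python example that is not part of the original post. The weak-password set is a constructed sample, and the 7776-word list size assumes a Diceware-style wordlist with words picked at random.

```python
import math
import string

# The four character classes the post lists (ASCII only).
CLASSES = {
    "upper": string.ascii_uppercase,
    "lower": string.ascii_lowercase,
    "digit": string.digits,
    "symbol": string.punctuation + " ",
}

# Constructed sample of well-known weak passwords (illustrative, not a real breach list).
KNOWN_WEAK = {"P@ssw0rd", "Password1!", "Qwerty123"}

def classes_used(pw):
    return {name for name, chars in CLASSES.items() if any(c in chars for c in pw)}

def meets_common_rule(pw):
    """8+ characters using 3 of the 4 classes (the rule the post says many places use)."""
    return len(pw) >= 8 and len(classes_used(pw)) >= 3

def meets_post_rule(pw):
    """The post's suggestion: a minimum of 12 characters."""
    return len(pw) >= 12

def random_char_bits(length, classes):
    """Search space in bits if every character were picked at random from these classes."""
    alphabet = sum(len(CLASSES[c]) for c in classes)
    return length * math.log2(alphabet) if alphabet else 0.0

def passphrase_bits(word_count, wordlist_size=7776):
    """Search space in bits for words picked at random from a list of this size."""
    return word_count * math.log2(wordlist_size)

def assess(pw):
    """Check one candidate against both rules; the bit count is an upper bound only."""
    return {
        "length": len(pw),
        "common_rule": meets_common_rule(pw),
        "post_rule": meets_post_rule(pw),
        "known_weak": pw in KNOWN_WEAK,
        "upper_bound_bits": round(random_char_bits(len(pw), classes_used(pw)), 1),
    }

if __name__ == "__main__":
    for candidate in ("P@ssw0rd", "correct horse battery staple"):
        print(candidate, assess(candidate))
    print("8 random chars:", round(random_char_bits(8, CLASSES), 1), "bits")
    print("6 random words:", round(passphrase_bits(6), 1), "bits")
```

The bit counts only hold for characters or words chosen at random; a human-chosen pattern such as the first sample passes the 3-of-4 rule yet sits on every common-password list.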

Stay secure out there!
