The 8 Most Important Ways to Protect Your Identity and Privacy on Facebook: #3

3. Secure your account.
Facebook connects 700,000,000 people around the globe.  Some say it’s a tool to spread democracy in a viral way. Other people just see it as a way to tell strangers that you are “playing hooky”.

Our Facebook accounts have become, in many ways, our online selves. Our digital identities mirror our real identities in that there is some information we don’t want to share with everyone.  Even if you have your Facebook privacy settings literally set to “everyone”, you still may have private messages that you do not want public. Our challenge to share the right things with the right people. And to do that, you need to keep control over your account.

There are endless ways to hack unsecured accounts . While account cracking is a tough thing for a stranger to pull off, sloppy Facebooking can make it easy for your friends to take control of your account.

You’ve already secured your browsing. Now there are a few things you can do now to protect your Facebook.  They’re listed in order of importance.

Use a strong password NO ONE can guess and don’t let your browser remember it
Creating and remembering strong passwords isn’t easy. That’s why we recommend this simple system. And don’t let Firefox, or any browser you use, remember your passwords. To clear your passwords in Firefox, go to “Tools” then “Clear Private Data” the close and reopen Firefox.)

Use unique passwords for all of your important accounts (and update them every few months)
For any account that really matters—your email, your bank and credit card accounts, Facebook—you need to use a unique, strong password that you do not use for any other account. You should update the passwords of your most important accounts every few months, at least. If you recognize any suspicious account activity in your account, change your password immediately.

Make sure your system software and Internet security are updated
Updated system and Internet Security can’t stop you from making security mistakes or being the victim of social engineering. But it can prevent most of the common attacks out there. Our free Health Check will tell you if your PC is protected. Once you are updated, be sure to update your most important software including your OS, browser, media players and PDF reader on a regular basis either through our Health Check or the software developers’ sites.

Watch where you click and watch where you land
Always check the URL in your browser to make sure you’re on Facebook when you enter your private information. And if you ever have any doubt about something that has been posted in your newsfeed, follow the Golden Rule of Social Media Security and don’t click. More on the art of clicking in #6 of this guide.

Always log out
You’re not keeping hackers out by staying logged in. They still can get in and you’re leaving your account open for a snarky co-worker or invasive family member to pry. And once someone is inside your account, they can change your password to keep you out.

If you use Facebook’s mobile app, always lock your smartphone
Your phone can give an intruder access to your and your friends’ private information. An intruder could also post status updates and photos as you. This could simply embarrass your or cause actual harm to your career or private life. I also recommend using a remote lock software like our Free Anti-Theft for Mobile on your smartphone if you lose it.

How To Make Sure You Can Get Your Account Back If It Is Hacked

If you start using a new email account, update Facebook settings
If your account is hacked, you need access to the email account you have in your settings. If you can’t get into that email because it’s closed, you’ve just greatly limited your chance of recovering your account.

Consider doing what Facebook recommends

Facebook now rates how secure your account is. It’s a powerful feature, as long as you take it seriously. If your account “Overall Protection” is rated “low”, Facebook will prompt you to add some information. I suggest you do this though it will require adjusting your notifications so you won’t get messages from Facebook that you do not want to see.

Add a secondary email
Facebook asks for a secondary email. This helps Facebook because now it will be able to connect you with more friends. And it helps you if you ever lose access to your primary email, or if your primary email gets hacked. So only add  a secure email account with a unique password.

You can add your secondary email by going to “Account” > “Account Settings”> Find “Email” and click on “change”.

Add your mobile number
Adding your cell phone number gives you a secondary way to claim your hacked account. It also gives you the ability to get one-time passwords, which I’ll explain later. To change or add your mobile number, go here. On that same page, be sure to edit your notifications or Facebook will be texting you nonstop. Only activate your phone for this purpose if you keep it locked when it is not in use.

Add a strong security question
Make sure you choose a question that only you can answer. The last five digits of your driver’s license are probably better answer than the name of your first pet—since your friends and family may know that. The worst answer, of course, would be one that a stranger could figure out by looking at your profile.

For Extra Protection

Activate Account Protection
Want to be notified when a new computer logs into your account? Activate Account Protection. If someone gets into your account on a device you don’t recognize, you can login to Facebook and “end activity” on that login. Then you can, hopefully, change your password before the intruder does. Once you activate this feature, you’ll have to name every device you login from. It’s slightly annoying, but it gives you the kind of control of your account that will keep your account safe.

To activate Account Protection and “end activity” on any Facebook sessions you didn’t initiate, go to “Account” > “Account Settings”> Find “Account Protection” and click on “Save”.

Use Login Approval
You can prevent someone from logging into your account with Facebook’s new Login Approvals, as long as the attempted hacker doesn’t have access access to the mobile you have connected to your Facebook account. Login approval requires a new security code sent via SMS when you attempt to use your Facebook account from a new device. This requires a one-to-two minute setup on each device you use.

To activate Login Approvals, go to “Account” > “Account Settings”> Under “Login Approvals”, click the box for “Require me to enter a security code sent to my phone” then click  “Save”.

Use One-Time Passwords on public computers
If you use Facebook on public computers, such as at school or the library, you should use Facebook’s One-Time password feature. On a public computer, you have no idea what kinds of programs are running that could be used to log your account information. By using a unique password each time, you remove the risk that your credentials will be stolen.

To do this you need to set up and verify your SMS number. Go here and add in your mobile number. You’ll then need to verify the number by entering a code that will be sent to you. Once this is done, you can send a text message to 32665 with the message “otp” when you’re about to login on a public computer. Your One-Time Password will work for 20 minutes after you receive it.

Follow us on Facebook for ongoing tips on securing your account.

The 8 Most Important Ways to Protect Your Identity and Privacy on Facebook

  1. Unless you have a good reason not to, use the “Friends Only” privacy setting.
  2. Turn on Secure Browsing.
  3. Secure your account.
  4. Take a look at what others see when they see you and decide if you want search engines to find your profile.
  5. Turn off Instant Personalization and audit your apps.
  6. Watch where you click.
  7. Decide if you want your name and image to appear in Facebook ads.
  8. Start using Facebook lists.

More posts from this topic

MB

In what color would you like your new Mercedes?

A new Mercedes. Nice. Or maybe an Audi R8? That would be cool. But hold it! Don’t sell your old car yet! Liking and sharing that giveaway campaign on Facebook will NOT give you a new car. Those prizes doesn’t even exist. They are just hoaxes. Internet and Facebook is full of crap, junk, rubbish, nonsense and gibberish. Nobody knows how many chain letters there are spreading some kind of unbelievable story. False celebrity news, bogus first-aid advice, phony charity campaigns and this kind of giveaways. We tend to think about these chain letters as hoaxes, pretty harmless jokes that doesn’t hurt us. But that’s not the full story. A hoax can be harmful, like the outright dangerous first aid advice that some people keep spreading. But a car giveaway is probably a harmless and safe prank, even if it’s false? No, not really. These chain letters are actually not traditional hoaxes, they are like-farming scams. There’s no free lunch, you don’t pay for Facebook with money but with your private data. The like-farming scams work in the same currency. You will not lose any money even if you like the page and share it. Instead you will participate in building a page with a lot of supporters, which is valuable and can be sold later. Needless to say, you will not get any of that money. Here’s how it works. Any business has a problem when starting on Facebook. An empty page without likes isn’t trustworthy. So the scammers set up a page containing anything that can go viral. A promise to get a luxury car works well. They just have to tell everyone to like the page and to share it as much as possible, to keep the chain reaction going and get even more likes. The scammers wait until there’s enough likes before they clean out the content, rename it and start looking for a buyer. The price is in “$ per k”, meaning dollars per 1000 likes. A page with 100 000 likes could sell for over $1000. So sharing the page can make quite a lot of money for the scammers if you have a lot of gullible friends, who in turn have a lot of gullible friends, and so on … The downside for you is that the likes stick even if the page is redesigned for some totally different purpose. Your face will be an evangelist for the page’s new owners and show up next to their brand. And you have no idea about what you will be promoting. I have friends who are anti-fur activists. You can probably imagine what one of them would feel when discovering that she likes a fur-coat designer! And finally some concrete advice. Review your list of old likes regularly. Remove everything except those things you truly like and want to support. When you encounter a giveaway post like this, check the involved brand’s main page in Facebook by searching for the brand name. You will in most cases notice that the giveaway is a totally different page that just is named similarly. That’s a strong scam indicator. Use common sense. From the above you get an idea about what likes in Facebook are worth. Does it make sense to give away luxury cars for this? Don’t participate in scams like this. It might feel tempting, but remember that your chance to win is exactly zero. Spread knowledge every time you see a scam of this kind. Comment with a link to this post or the appropriate description on Hoax-Slayer or Snopes.   Those sites are by the way fun and educating reading. I recommend spending some time there getting familiar with other types of hoaxes too. Read at least these two articles: Facebook car giveaway on Snopes and Facebook like-farming scams on Hoax-Slayer .   Safe surfing, Micke  

Dec 16, 2014
BY 
Facbook terms

Facebook’s new terms, is the sky falling?

You have seen them if you are on Facebook, and perhaps even posted one yourself. I’m talking about the statements that aim to defuse Facebook’s new terms of service, which are claimed to take away copyright to stuff you post. To summarize it shortly, the virally spreading disclaimer is meaningless from legal point of view and contains several fundamental errors. But I think it is very good that people are getting aware of their intellectual rights and that new terms may be a threat. Terms of service? That stuff in legalese that most people just click away when starting to use a new service or app. What is it really about and could it be important? Let’s list some basic points about them. The terms of service or EULA (End User License Agreement) is a legally binding agreement between the service provider and the user. It’s basically a contract. Users typically agree to the contract by clicking a button or simply by using the service. These terms are dictated by the provider of the service and not negotiable. This is quite natural for services with a large number of users, negotiating individual contracts would not be feasible. Terms of service is a defensive tool for companies. One of their primary goals is to protect against lawsuits. These terms are dictated by one part and almost never read by the other part. Needless to say, this may result in terms that are quite unfavorable for us users. This was demonstrated in London a while ago. No, we have not collected any children yet. Another bad thing for us users is the lack of competition. There are many social networks, but only one Facebook. Opting out of the terms means quitting, and going to another service is not really an option if all your friends are on Facebook. Social media is by its nature monopolizing. The upside is that terms of service can’t change the law. The legislation provides a framework of consumer and privacy protection that can’t be broken with an agreement. Unreasonable terms, like paying with your firstborn child, are moot. But be aware that the law of your own country may not be applicable if the service is run from another country. Also be aware that these terms only affect your relationship to the provider of the service. Intelligence performed by authorities is a totally different thing and may break privacy promises given by the company, especially for services located in the US. The terms usually include a clause that grant the provider a license to do certain things with stuff the users upload. There’s a legitimate reason for this as the provider need to copy the data between servers and publish it in the agreed way. This Facebook debacle is really about the extent of these clauses. Ok, so what about Facebook’s new terms of service? Facebook claim they want to clarify the terms and make them easier to understand, which really isn't the full story. They have all the time been pretty intrusive regarding both privacy and intellectual property rights to your content, and the latest change is just one step on that path. Most of the recent stir is about people fearing that their photos etc. will be sold or utilized commercially in some other way. This is no doubt a valid concern with the new terms. Let’s first take a look at the importance of user content for Facebook. Many services, like newspapers, rely on user-provided content to an increasing extent. But Facebook is probably the ultimate example. All the content you see in Facebook is provided either by the users or by advertisers. None by Facebook itself. And their revenue is almost 8 billion US$ without creating any content themselves. Needless to say, the rights to use our content is important for them. What Facebook is doing now is ensuring that they have a solid legal base to build current and future business models on. But another thing of paramount importance to Facebook is the users' trust. This trust would be severely damaged if private photos start appearing in public advertisements. It would cause a significant change in peoples relationship with Facebook and decrease the volume of shared stuff, which is what Facebook lives on. This is why I am ready to believe Facebook when they promise to honor our privacy settings when utilizing user data. Let’s debunk two myths that are spread in the disclaimer. Facebook is *not* taking away the copyright to your stuff. Copyright is like ownership. What they do, and have done previously too, is to create a license that grant them rights to do certain things with your stuff. But you still own your data. The other myth is that a statement posted by users would have some kind of legal significance. No, it doesn’t. The terms of service are designed to be approved by using the service, anyone can opt to stop using Facebook and thus not be bound by the terms anymore. But the viral statements are just one-sided declarations that are in conflict with the mutually agreed contact. I’m not going to dig deeper into the changes as it would make this post long and boring. Instead I just link to an article with more info. But let’s share some numbers underlining why it is futile for ordinary mortals to even try to keep up with the terms. I browsed through Facebook’s set of terms just to find 10 different documents containing some kind of terms. And that’s just the stuff for ordinary users, I left out terms for advertisers, developers etc. Transferring the text from all these into MS Word gave 41 pages with a 10pt font, almost 18 000 words and about 108 000 characters. Quite a read! But the worst of all is that there’s no indication of which parts have changed. Anyone who still is surprised by the fact that users don’t read the terms? So it’s obvious that ordinary user really can’t keep up with terms like this. The most feasible way to deal with Facebook’s terms of service is to consider these 3 strategies and pick the one that suits you best. Keep using Facebook and don’t worry about how they make money with your data. Keep using Facebook but be mindful about what you upload. Use other services for content that might be valuable, like good photos or very private info. Quit Facebook. That’s really the only way to decline their terms of service. By the way, my strategy is number 2 in the above list, as I have explained in a previous post. That’s like ignoring the terms, expecting the worst possible treatment of your data and posting selectively with that in mind. One can always put valuable stuff on some other service and post a link in Facebook. So posting the viral disclaimer is futile, but I disagree with those who say it’s bad and it shouldn’t be done. It lacks legal significance but is an excellent way to raise awareness. Part of the problem with unbalanced terms is that nobody cares about them. A higher level of awareness will make people think before posting, put some pressure on providers to make the terms more balanced, and make the legislators more active, thus improving the legal framework that control these services. The legislation is by the way our most important defense line as it is created by a more neutral part. The legislator should, at least in theory, balance the companies’ and end users’ interests in a fair way.   Safe surfing, Micke   Image: Screenshot from facebook.com

Dec 3, 2014
BY 
privacy settings twitter

It’s time to check your Twitter ‘Security and privacy’ settings

When it comes to privacy, Twitter's simplicity has always been its key advantage. Your tweets are public or they are protected. Of course, this implicit agreement with users has never been that simple. "Protected" tweets turned out to be searchable -- they aren't anymore. And if one of your followers decides to share your tweets through a manual retweet or a screenshot, you're just as exposed as you would be if your tweets were public. But that's true of any form of digital -- or real world -- communication. Now, Twitter is getting even more complicated to become in hopes of becoming as mainstream as Facebook, which is trying to improve the revelancy of its feed in order to replace Twitter as the go-to online destination for monitoring breaking news. You may have noticed that Twitter's is slowly rolling out changes to its web experience that may alter the way people understand the service. Tweets that have been favorited but not retweeted by people you follow may show up in your stream. More changes like location-based alerts and native video will soon follow. The closer-to-original Twitter experience still exists -- and will likely always exist -- in apps like Tweetdeck. But no matter how you use the service, your activity on and off the site is being tracked to improve outcomes for advertisers. This makes sense. It is a business and since you're not paying to use this valuable service, you are its product -- even if you're using the site for business. By offering tools like its free analytics, the site is striving to make it clear how useful it is and build good will as it evolves. However, Twitter recognizes that its users just may want to avoid allowing more "big data" tentacles into our digital brains. Thus it allows you to opt out of some tracking and features that may feel invasive. Here's how to do that: Go to your "Security and privacy" section of your Settings. Scroll all the way down. If you're interested in maximum privacy, I recommend your uncheck the three boxes at the bottom of the page -- Discoverability, Personalization and Promoted Content -- then click "Save changes". While you're on this page, make sure you're taking advantage of Twitter's best security tool: Login verification. Turn on two-factor authentication by activating "Send login verification requests to my phone". Twitter's biggest security problem is that everyone in the world knows your login. Unless you turn on Login verification, all an intruder needs is your password. You may also want to make sure "Tweet location" is off and erase all of your previous locations, if you're worried about being tracked in the real world. One last thing while you're checking your settings, click on Apps. Then "Revoke access" of any you're not using. Not sure if you're not using an app? Get rid of it and you can always renew its access later. Cheers, Jason [Image courtesy of Rosaura Ochoa via Flickr.]

Dec 1, 2014
BY