The 8 Most Important Ways to Protect Your Identity and Privacy on Facebook: #3

3. Secure your account.
Facebook connects 700,000,000 people around the globe.  Some say it’s a tool to spread democracy in a viral way. Other people just see it as a way to tell strangers that you are “playing hooky”.

Our Facebook accounts have become, in many ways, our online selves. Our digital identities mirror our real identities in that there is some information we don’t want to share with everyone.  Even if you have your Facebook privacy settings literally set to “everyone”, you still may have private messages that you do not want public. Our challenge to share the right things with the right people. And to do that, you need to keep control over your account.

There are endless ways to hack unsecured accounts . While account cracking is a tough thing for a stranger to pull off, sloppy Facebooking can make it easy for your friends to take control of your account.

You’ve already secured your browsing. Now there are a few things you can do now to protect your Facebook.  They’re listed in order of importance.

Use a strong password NO ONE can guess and don’t let your browser remember it
Creating and remembering strong passwords isn’t easy. That’s why we recommend this simple system. And don’t let Firefox, or any browser you use, remember your passwords. To clear your passwords in Firefox, go to “Tools” then “Clear Private Data” the close and reopen Firefox.)

Use unique passwords for all of your important accounts (and update them every few months)
For any account that really matters—your email, your bank and credit card accounts, Facebook—you need to use a unique, strong password that you do not use for any other account. You should update the passwords of your most important accounts every few months, at least. If you recognize any suspicious account activity in your account, change your password immediately.

Make sure your system software and Internet security are updated
Updated system and Internet Security can’t stop you from making security mistakes or being the victim of social engineering. But it can prevent most of the common attacks out there. Our free Health Check will tell you if your PC is protected. Once you are updated, be sure to update your most important software including your OS, browser, media players and PDF reader on a regular basis either through our Health Check or the software developers’ sites.

Watch where you click and watch where you land
Always check the URL in your browser to make sure you’re on Facebook when you enter your private information. And if you ever have any doubt about something that has been posted in your newsfeed, follow the Golden Rule of Social Media Security and don’t click. More on the art of clicking in #6 of this guide.

Always log out
You’re not keeping hackers out by staying logged in. They still can get in and you’re leaving your account open for a snarky co-worker or invasive family member to pry. And once someone is inside your account, they can change your password to keep you out.

If you use Facebook’s mobile app, always lock your smartphone
Your phone can give an intruder access to your and your friends’ private information. An intruder could also post status updates and photos as you. This could simply embarrass your or cause actual harm to your career or private life. I also recommend using a remote lock software like our Free Anti-Theft for Mobile on your smartphone if you lose it.

How To Make Sure You Can Get Your Account Back If It Is Hacked

If you start using a new email account, update Facebook settings
If your account is hacked, you need access to the email account you have in your settings. If you can’t get into that email because it’s closed, you’ve just greatly limited your chance of recovering your account.

Consider doing what Facebook recommends

Facebook now rates how secure your account is. It’s a powerful feature, as long as you take it seriously. If your account “Overall Protection” is rated “low”, Facebook will prompt you to add some information. I suggest you do this though it will require adjusting your notifications so you won’t get messages from Facebook that you do not want to see.

Add a secondary email
Facebook asks for a secondary email. This helps Facebook because now it will be able to connect you with more friends. And it helps you if you ever lose access to your primary email, or if your primary email gets hacked. So only add  a secure email account with a unique password.

You can add your secondary email by going to “Account” > “Account Settings”> Find “Email” and click on “change”.

Add your mobile number
Adding your cell phone number gives you a secondary way to claim your hacked account. It also gives you the ability to get one-time passwords, which I’ll explain later. To change or add your mobile number, go here. On that same page, be sure to edit your notifications or Facebook will be texting you nonstop. Only activate your phone for this purpose if you keep it locked when it is not in use.

Add a strong security question
Make sure you choose a question that only you can answer. The last five digits of your driver’s license are probably better answer than the name of your first pet—since your friends and family may know that. The worst answer, of course, would be one that a stranger could figure out by looking at your profile.

For Extra Protection

Activate Account Protection
Want to be notified when a new computer logs into your account? Activate Account Protection. If someone gets into your account on a device you don’t recognize, you can login to Facebook and “end activity” on that login. Then you can, hopefully, change your password before the intruder does. Once you activate this feature, you’ll have to name every device you login from. It’s slightly annoying, but it gives you the kind of control of your account that will keep your account safe.

To activate Account Protection and “end activity” on any Facebook sessions you didn’t initiate, go to “Account” > “Account Settings”> Find “Account Protection” and click on “Save”.

Use Login Approval
You can prevent someone from logging into your account with Facebook’s new Login Approvals, as long as the attempted hacker doesn’t have access access to the mobile you have connected to your Facebook account. Login approval requires a new security code sent via SMS when you attempt to use your Facebook account from a new device. This requires a one-to-two minute setup on each device you use.

To activate Login Approvals, go to “Account” > “Account Settings”> Under “Login Approvals”, click the box for “Require me to enter a security code sent to my phone” then click  “Save”.

Use One-Time Passwords on public computers
If you use Facebook on public computers, such as at school or the library, you should use Facebook’s One-Time password feature. On a public computer, you have no idea what kinds of programs are running that could be used to log your account information. By using a unique password each time, you remove the risk that your credentials will be stolen.

To do this you need to set up and verify your SMS number. Go here and add in your mobile number. You’ll then need to verify the number by entering a code that will be sent to you. Once this is done, you can send a text message to 32665 with the message “otp” when you’re about to login on a public computer. Your One-Time Password will work for 20 minutes after you receive it.

Follow us on Facebook for ongoing tips on securing your account.

The 8 Most Important Ways to Protect Your Identity and Privacy on Facebook

  1. Unless you have a good reason not to, use the “Friends Only” privacy setting.
  2. Turn on Secure Browsing.
  3. Secure your account.
  4. Take a look at what others see when they see you and decide if you want search engines to find your profile.
  5. Turn off Instant Personalization and audit your apps.
  6. Watch where you click.
  7. Decide if you want your name and image to appear in Facebook ads.
  8. Start using Facebook lists.

More posts from this topic

Facebook Phone Number

Why Does Facebook Want My Phone Number?

Facebook has become the most popular social network in the history of known universe for a pretty simple reason: It appeals to our egos. Our egos love to be connected, recognized and comforted. But those needs are generally tiny compared to our desire to be flattered. And one way Facebook continually flatters us is by asking for our phone number -- continually. Like all the time. But like any stranger seeking your digits, the site may have ulterior motives. Ask Facebook, "Why am I being asked to add my phone number to my account?" and its help page will tell you this: Adding your phone number to your account will help keep your account secure, make it easier for you to connect with friends and family on Facebook and make it easier to regain access to your account if you have trouble logging in. That's true. But are there other reason that it might want this piece of information -- reasons that appeal directly to Facebook's bottom line? Almost certainly. In fact, the business case for getting your phone number may be so strong that it's likely at least part of the reason for the change in terms and conditions for WhatsApp, which is owned by the technology giant. So what does Facebook get when it gets your phone number? Potentially lots and lots of information about you -- possibly even your favorite breakfast cereal. Watch our chief research office Mikko Hypponen break down what the data scientists that help social networks sell ads learn about you from your number. [youtube] Even if you don't mind being marketed at with ruthless efficiency, there may be other ways Facebook could use your number that you might want to consider. You might have heard about the therapist who began seeing her patients pop in Facebook's "People You May Know" module. How did this happen? Fusion's Kashmir Hill suggests that "an algorithm analyzing this network of phone contacts might reasonably assume all these people are connected." And in this case the therapist didn't even remember giving her number to the site, but she had. If you're logged in, you can check if Facebook has your number here. This still could be some value to you in handing over your number. Two-factor authentication is generally a smart strategy for any account you want to protect -- and you need to offer your smartphone number to access the SMS messages you'll need to use. But remember: If you make your number available on Facebook, people can find you by searching it. So if you do use Facebook's two-factor authentication, you should consider hiding your phone number for anyone but yourself. To do this, go to your profile page, click "About" under your cover image and then in the left column click on "Contact and Basic Info". Next to your mobile number, click "Edit" and select "Only Me". This will make sure strangers won't find your number through your profile or vice versa. But it won't stop Facebook from knowing what your favorite breakfast cereal is. {Image by HighwaysEngland | Flickr]

September 9, 2016

Why You May Want to Disable Location Services for Facebook

When news broke that Facebook was at least temporarily using users physical location to suggest real world connections, a strategy that has been employed by the NSA, the backlash was sharp.  It wasn't difficult to imagine scenarios when identities could be inadvertently and uncomfortably revealed through group therapy, 12-step meetings or secretive political movements. The world's most popular social network quickly said it would not continue what it called a small-scale test nor roll the feature on a wider scale in the future. But Facebook is still using your location data for other purposes, Fusion's Kashmir Hill reports: We do know that Facebook is using smartphone location for other things, such as tracking which stores you go to and geotargeting you with ads, but the social network now says it’s not using smartphone location to identify people you’ve been physically proximate to. Hill notes that using location to match users up, thus acting as a tool to reveal the identity of nearby strangers, might violate Facebook's agreement with the Federal Trade Commission . So you should expect that your location -- like everything you do on Facebook -- is being used to turn you into a better product for its advertisers. That's the cost of using a "free" site but you can limit your exposure a bit by turning off location services for Facebook on your phone. Here's very simple instructions for turning off location services on your Facebook and Facebook Messenger apps on your Android of iOS device. Do you mind if Facebook uses your location to suggest new friends? Let us know in the comments. [Image by Lwp Kommunikáció | Flickr]

June 30, 2016
twitter, changes

POLL: What Changes To Twitter Would You Like To See?

Little changes can make a difference. For instance, Twitter's decision to switch a star for a heart as its "Favorite" button increased use of the button by as much as 27.82 percent. And it's clear that despite Wall St. demanding that site grow faster and be easier for new users to grasp to have some hope of keeping up with competitors like Facebook and Snapchat, the site is still sweating the small stuff. Here are the four changes to the service announced this week: Replies: When replying to a Tweet, @names will no longer count toward the 140-character count. This will make having conversations on Twitter easier and more straightforward, no more penny-pinching your words to ensure they reach the whole group. Media attachments: When you add attachments like photos, GIFs, videos, polls, or Quote Tweets, that media will no longer count as characters within your Tweet. More room for words! Retweet and Quote Tweet yourself: We’ll be enabling the Retweet button on your own Tweets, so you can easily Retweet or Quote Tweet yourself when you want to share a new reflection or feel like a really good one went unnoticed. Goodbye, .@: These changes will help simplify the rules around Tweets that start with a username. New Tweets that begin with a username will reach all your followers. (That means you’ll no longer have to use the ”.@” convention, which people currently use to broadcast Tweets broadly.) If you want a reply to be seen by all your followers, you will be able to Retweet it to signal that you intend for it to be viewed more broadly. These tweaks are in line with Twitter's tradition of paying attention to how people use the site and make it easier for them to do what early adopters are already doing. That's how we got hashtags, retweet buttons and @ replies. Now you'll be able to tweet a bit longer messages, something people do now with screenshots of text, and have more public conversations, something people do now by putting a "." before someone's @username so their whole feed sees the conversation not just people who happen to follow you and the user you're conversing with. Cool. These are useful little nudges that will keep people who already love the site engaged -- even though they may have some ugly unforeseen consequences. But will they transform Twitter and spark a new wave of growth? Not likely. What would without alienating the hundreds of millions of loyal users? Tough question and we'd like to know what you think. [polldaddy poll=9429603] Cheers, Jason [Image by dominiccampbell | Flickr]

May 26, 2016