Securing Your Social Network Accounts

One of the worst things that can happen to you online is having someone hijack one of your social network accounts. When unauthorized bad actors get your Facebook or Twitter password, they can use your account to impersonate you and to send all sorts of friend requests, share requests, spam, and posts with click-bait links that can lead your friends to web pages that will steal their information or silently download and install malware.

With a tip of the cap to the Sophos Naked Security blog, we are going to help you secure your Facebook, Twitter, and Instagram accounts. Recently, Naked Security ran three articles that provide step-by-step instructions on how to secure your Facebook, Twitter, and Instagram accounts. In the interest of brevity, I am going to refer you to the original posts for the step-by-step instructions. I have also provided a link to instructions for securing LinkedIn.

There are some common steps that would work with any online account or service, so I will recap them here:

  • Enable two-factor authentication – Do I really need to give a reason?  2FA protects you in the event that your password is stolen or compromised.  In addition to your password, a would-be hijacker would also need the 2FA codes on your smartphone.
  • Enable log-in alerts – This sends an email or text to you any time you or someone else logs into your accounts, and usually includes date and time, geographic location, and device information.
  • Limit connected apps – Personally, I never let Facebook or Google log me in to other apps and accounts, but if you like the convenience, at least take time to review the list and prune it back from time to time.
  • Set up an alternate email – If for some reason your primary email account is unavailable (or compromised), set up an alternate email for password reset instructions.
  • Choose a lockout buddy – Many of these services will allow you to designate another person to vouch for you if you should forget your password (or have it changed by an unauthorized party) and get locked out of your account.

More information:


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Serving small business owners in the St Paul, Minneapolis, and western Wisconsin area since 2001. Cybersecurity and hacking have been a passion of mine since I entered the computer and networking business in 2000. I hold several cybersecurity certifications including Certified Information Systems Security Professional (CISSP), Certified Advanced Security Practitioner (CASP), and Certified Ethical Hacker (CEH). Other computer industry certifications include A+, Network+ and Microsoft Certified System Engineer (MCSE). As Cybersecurity Analyst at The WyzCo Group, I help our clients experience high levels of security on their computers, networks, and websites. In addition to consulting on security products and services, we also conduct security audits, vulnerability assessments and full penetration tests. We also work with companies and organizations that need to certify compliance with regulations such as PCI-DSS (credit card processing), HIPAA/HITECH (medical records), and GLBA. We also provide Cybersecurity Awareness Training for clients and their employees. I am a frequent speaker at cybersecurity conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference, the (ISC)2 World Congress, and the ISSA International Conference, and many local community organizations, Chambers of Commerce, SCORE, and several school districts. I have been blogging on cybersecurity since 2008.