Securing Your Social Network Accounts

One of the worst things that can happen to you online is when someone hijacks one of your social network accounts.  When unauthorized bad-actors get your Facebook or Twitter password, they can use your account to impersonate you, and to send all sorts of friend requests, share requests, spam, and posts with click-bait links that can lead your friends to web pages that will steal their information or silently download and install malware.

With a tip of the cap to the Sophos Naked Security blog, we are going to help you secure your Facebook, Twitter, and Instagram accounts.  Recently, Naked Security ran three articles that provide step by step instructions on how to secure your Facebook, Twitter, and Instagram accounts.  In the interest of brevity, I going to refer you to the original posts for the step by step instructions.  I have also provided a link to instructions for securing LinkedIn.

There are some common steps that would work with any online account or service, so I will recap them here:

  • Enable two-factor authentication – Do I really need to give a reason?  2FA protects you in the event that your password is stolen or compromised.  In addition to your password, and would-be hijacker would also need the 2FA codes on your smartphone.
  • Enable log-in alerts – This sends an email or text to you any time you or someone else logs into your accounts, and usually includes date and time, geographic location, and device information.
  • Limit connected apps – Personally, I never let Facebook or Google log me in to other apps and accounts, but if you like the convenience, at least take time to review the list and prune it back from time to time.
  • Set up an alternate email – If for some reason your primary email account is unavailable (or compromised), set up an alternate email for password reset instructions.
  • Choose a lockout buddy – Many of these services will allow you to designate another person to vouch for you if you should forget your password (or have it changed by an unauthorized party) and get locked out of your account.

More information:


About the Author:

Cybersecurity analyst, pen-tester, trainer, and speaker. Owner of the WyzCo Group Inc. In addition to consulting on security products and services, Bob also conducts security audits, compliance audits, vulnerability assessments and penetration tests. Bob also teaches Cybersecurity Awareness Training classes. Bob works as an instruction for CompTIA’s non-profit IT-Ready Program in the Twin Cities. IT-Ready is a tuition free 8-week program designed to teach students of all ages the fundamentals of IT support to prepare them for an entry level position in Information Technology Support. Graduates of the classes take the exams to become CompTIA A+ certified. Bob is a frequent speaker at conferences such as the Minnesota Bloggers Conference, Secure360 Security Conference2016, 2017, 2018, 2019, the (ISC)2 World Congress 2016, and the ISSA International Conference 2017, and many local community organizations, including Chambers of Commerce, SCORE, and several school districts. Bob has been blogging on cybersecurity since 2006 at
  Related Posts

Add a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.