My friend's Facebook page was recently hacked, and the hacker is now demanding a ransom to give the page back.
He has taken steps to resolve this issue but without paying the $1,500 there is nothing he can do right now that he has not done already.
Avoid sharing his unfortunate fate by reading this post and applying the Facebook security tips below to prevent your Facebook page and account from getting hacked as well.
Without taking these steps to secure your page you could get hacked. Even Mark Zuckerberg’s account has been hacked.
The following tips will help you keep your Facebook account, and your online reputation, secure.
1. Always Log Out
If you don’t log out of your account, hacking your page is simple.
Don’t forget to log out if there is potential for someone else to use the same computer as you.
2. Enable Secure Browsing
Secure browsing (https) is a security feature that will encrypt your activity on Facebook where possible, making it harder for anyone else to access your Facebook information without your permission.
To change your secure browsing (https) setting:
- Go to your Security Settings
- Click on the Secure Browsing section
- Check the box provided and save your changes
3. Enable Login Notifications
Here’s the description Facebook gives of login notifications.
Login notifications are an extra security feature. When you turn on login notifications, we’ll send you an alert each time someone logs into your account from a new place.
- Go to your Security Settings
- Click on the Login Notifications section
- Check the box next to the type of alerts you’d like to receive and save your changes
4. Remove Your Email Address From Your Profile
Since your email address doubles as your Facebook username, you should change your privacy settings to hide your login email address from your public profile.
Here’s how to do this.
- Log in to your Facebook account and find the Contact Information section on your About page.
- Click the Edit button.
- Find the email address that you use to log in to Facebook and click the down arrow beside the “Lock” icon, then place a check mark beside Only Me.
- Next, click the down arrow on the right and place a check mark beside Hidden from Timeline.
5. Create an Unguessable Password
By creating a random password you increase your security by decreasing the chances that a person or a software program will crack your password.
The most unguessable password would be a string of random characters like ‘$t6gxgku@mn,$L”A%’, and the longer the password is, the better.
Sure, a computer could eventually discover such a password using a brute force attack, but it gets more difficult the longer you make your password.
For example, to crack the above password, if a computer tried a billion passwords per second, it would take 10,533,833,066,248,927,000 years to look at all the possible combinations.
For a password that is 9 characters long it would take about 26 months to crack.
6. Enable Cell Phone Login Approvals
Login approvals are an extra security feature similar to login notifications, but with an extra security step.
If you turn on login approvals, you’ll be asked to enter a special login code each time you try to access your Facebook account from a new computer or mobile phone.
After you log in, you’ll have the option to give that device a name and save it to your account. You will only have to do this once per device and then that device will become one of your recognized devices.
To turn on login approvals:
- Go to your Security Settings page
- Click on the Login Approvals section
- Check the box and save your changes
Facebook also lists these few things to note:
- You need to have a mobile phone number listed on your account to turn on login approvals. You can add one to your account when you turn on login approvals.
- If you haven’t named the device you’re using, you’ll be asked to do so when you turn on login approvals. Don’t click the Save this device option if you’re using a computer that other people use (ex: a library computer).
- After you turn on login approvals, we need to be able to remember your computer and browser info so we can recognize it next time you log in. Some browser features block this. If you’ve turned on private browsing or set up your browser to clear your history every time it closes, you might have to enter a code every time you log in.
7. Only Access Facebook from Your Computer
If you access Facebook only from your own computer and phone, you can be reasonably confident that no malicious software is installed.
One class of malicious software you should be aware of is key-logging software. Key-logging software records every key that is entered and can save and relay this information.
8. Inspect Your Browser for Spyware
First of all I recommend you download and use Google Chrome to give yourself the most secure web browsing experience.
If you already have Chrome, or once you install it, you should periodically check your extensions to ensure no malware is installed.
To check your extensions click the triple line icon in the top right corner and select “Settings.” Then click “Extensions” in the top right. Now remove any extensions unless you absolutely need them. The only extension I use is a password manager.
9. Run Anti-Virus Software
Run anti-virus software on your computer.
Facebook recommends these free anti-virus solutions.
10. Build an Email List
If you implement the tips in this post your page should not be hacked, but it’s always smart to have a backup plan.
The best backup plan is a strong email list. If your fans are also subscribers of your email list, then even if something were to happen to your Facebook page, or if you wanted to start a new page, all you’d have to do is send an email to your list and let them know about your new page.
11. Don’t Use a Predictable Password
Below are the top 25 most used passwords. Don’t use any of them, or any other password that could be easily guessed.
12. Do Not Install Suspicious Applications
There are many Facebook applications which do not respect your wishes and post unwanted material on your friends’ walls without your knowledge and permission.
Please refrain from those sorts of applications.
13. Do Not Enter Your Login Info Into an App Inside Facebook
Some applications on Facebook are malicious and will compromise your account.
Stay clear of any application which asks you to enter your Facebook username and password (or your email username and password). These are phishing applications which collect your account information and compromise your account.
14. Do Not Share or Save Your Facebook Password
Do not share your password with anyone, or save it in a document on your computer.
The best way to go is by memorizing a password that only you know.
15. Always Check the URL When You Are Logging In
Phishing scams are often executed with a fake login page that appears identical to the actual Facebook login page.
A clear indication of a fake login page is found within the URL of the page.
Although hackers can create visually identical copies of the Facebook login page, they are unable to use the same URL.
Bonus Tip: Don’t Drink and Facebook
If you’re drinking, make sure to log out of Facebook.
Several times I have seen statuses from people who have made this mistake and had their drunk friends take full advantage of their Facebook sitting open by posting embarrassing updates on their account.
Spare yourself that type of situation and keep your account secure.
Has your Facebook account ever been hacked? Let us know what you think of this post and Facebook security in the comments below!