3 quick steps to better Facebook security

Somebody in New Zealand tried to use my Facebook account today. Thanks to my Facebook security settings they failed.

facebook security

 

There are plenty of reasons for wanting to get into someone else’s Facebook account. From just a bit of vandalism to identity theft or conning your friends. All those sites and apps you login to with your Facebook account? Get the key to unlock all of them.

It’s also one that we can easily be tricked into giving up. How automatic is the habit of typing in your details if a site says “login with your Facebook account” or, the cardinal sin, using the same password for Facebook as for something else?

How did I know I was being hacked?

Why, a Facebook notification, of course!

unrecognised

I was informed that someone was trying to access my account in New Zealand. Of course, they could have been anywhere in the world, really. It’s not hard to spoof that. Regardless, even if they’re from Faversham (actually, especially if they’re from Faversham), they’re not welcome.

Facebook are pretty clever at spotting unusual behaviour, especially trying to login in two places on opposite sides of the world. But you can help it even more.

How can I improve my Facebook security?

settingsAll three settings I’m going to recommend are found in the same place, so…

  • Login to your Facebook account
  • Click the little drop-down menu in the top, right corner
  • Click Settings
  • Click the Security tab on the left hand list that appears

…or, if you trust me not to put up dodgy links, just go straight to https://www.facebook.com/settings?tab=security

 

1. Login notifications

Not vital, but great fun for the paranoid. The first option in the list is Login notifications – click the little Edit link.

login notifications

You can choose to receive emails, text messages or notifications on your mobile’s Facebook app when a new PC or device is used to access your account. These can be genuine occasions, you may have just bought a new laptop, but they can also be a wake up call to beef up your security.

2. Login Approvals

Follow the instructions to set up your mobile phone to receive a code by text message whenever you try to login to Facebook with a new device. Without this code, you cannot login – without your phone, your attacker won’t know the code.

Login Approvals

A great idea, but if you lose your phone or cannot get a signal, this could be a pain in the backside. So make sure you set up option 3 too…

3. Code Generator

This uses the Facebook app on your smartphone or tablet to generate a code for you when you try to login somewhere strange, and you don’t need a phone signal (or even to have your smartphone on wifi) to generate it. The code changes every 30 seconds, it’s clever stuff.

Code Generator

Interestingly, there is an option to “Set up another way to get security codes” – this will generate a QR code to set up your Google Authenticator if you are already using it for 2-factor authentication on your Google account (what do you mean you’re not? I’ll have to write another blog!) – they just don’t tell you that it works with Google Authenticator, you have to experiment!

Finally – Common Sense:

  • Don’t have easy to guess passwords
  • Don’t use the same password for different sites (have a look at lastpass.com for help with this one)
  • Don’t go typing your password into strange places

crimewatch

For those of you old enough to remember.

Follow me

Jonathan Gwyer

Jonathan Gwyer first delved into geekery with a ZX81 in 1981 and has been working in IT since 1990.

A Microsoft Certified Professional with many years of large corporate experience and training, he now focuses on helping small businesses make the most of their IT.
Follow me

Latest posts by Jonathan Gwyer (see all)

Copyright © 2008-2017 Jonathan Gwyer
Web Design by fairly marvellous Kent

3 quick steps to better Facebook security

by Jonathan Gwyer time to read: 2 min
0