Facebook has been rolling out new or improved security and privacy features in rapid succession for the past year. Many of the changes have only been announced on the official blog and on third-party sites like Ghacks that report on them. Facebook users who do not read the official blog or third-party sites like mine may have missed some or even all of the security and privacy changes. Most new features are added to the social networking site as opt-in features, which means that many users have not enabled them yet.
This short guide lists the important changes and some general tips to improve a Facebook account's security and login.
Facebook Account Hardening
Most security features on Facebook deal with logging in to the site. This is where we start as well.
- Facebook password: Make sure you use a secure password on Facebook. The best passwords are made up of a combination of letters, numbers and special characters. It is suggested to use at least 14 characters, the more the better. Make sure that you do not use dictionary words, names or other terms that can be associated with you.
To change your password do the following: Click Account on the upper right and select Account Settings from the menu.
Locate Password under the Settings tab and click the change link on the right of it. A form opens on the same page where you need to enter your old password and the new password. A click on Change Password completes the process, and the new password is valid from that moment on. You will be logged off all computers when you change the password.
- Security Question: The security question and answer are used by Facebook to identify the account owner, for instance when you contact them because you do not have access to your account anymore. It is important to select a question and answer that only you can answer. Remember that you can add any answer that you want. Instead of answering "What was the last name of your first grade teacher?" with Mrs. Smith, you could instead use characters from your ID card, driver's license or a phrase that you can remember well.
You can change the Security Questions under Account Settings as well. Just select change next to Security Question this time.
- Secure Browsing (https): You can open Facebook by loading either http://www.facebook.com/ or https://www.facebook.com/. The difference? The HTTPS variant is more secure, as it encrypts the connection, which prevents others from spying on your network traffic. That's for instance helpful if you connect to the site from a public computer or wireless network.
- Login Notifications: You can enable this option to receive emails whenever someone logs in to your Facebook account from an unrecognized computer.
- Facebook Login Approvals: This new feature improves security by linking the Facebook account to your mobile phone number. Facebook sends a PIN to the linked mobile phone whenever someone tries to log in from an unrecognized computer. You need to add your mobile phone number to Facebook before you can make use of that feature.
You can configure all three options under Account Settings. Locate Account Security there and click the change button to see the following configuration options.
It is suggested to enable all three, unless you do not want to add your mobile phone to Facebook. In that case, enable the first two (secure browsing and login notifications).
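The password criteria from the first tip can be checked before you type a new password into the form. The following is an added example, not part of the original guide or anything Facebook provides; the word list, the substitution table and the four-character minimum for matched terms are assumptions made for illustration.

```python
import string

MIN_LENGTH = 14  # the guide's suggested minimum

# Constructed sample word list; a real check would load a full dictionary file.
SAMPLE_WORDS = {"password", "facebook", "dragon", "summer", "welcome", "monkey"}

# Undo common character substitutions so "p@ssw0rd" is still caught as "password".
LEET = str.maketrans({"0": "o", "1": "l", "3": "e", "4": "a", "5": "s",
                      "7": "t", "@": "a", "$": "s", "!": "i"})


def check_password(password, personal_terms=(), words=SAMPLE_WORDS):
    """Return the list of the guide's rules the password breaks (empty = passes)."""
    problems = []
    if len(password) < MIN_LENGTH:
        problems.append("shorter than %d characters" % MIN_LENGTH)
    if not any(c.isalpha() for c in password):
        problems.append("no letters")
    if not any(c.isdigit() for c in password):
        problems.append("no numbers")
    if not any(c in string.punctuation for c in password):
        problems.append("no special characters")

    # Compare case-insensitively, both as typed and with substitutions undone.
    lowered = password.lower()
    variants = (lowered, lowered.translate(LEET))
    for term in sorted(t.lower() for t in set(words) | set(personal_terms)):
        # Assumption: ignore terms under 4 characters to avoid chance matches.
        if len(term) >= 4 and any(term in v for v in variants):
            problems.append("contains '%s'" % term)
    return problems


if __name__ == "__main__":
    # Constructed sample passwords; "Smith" stands in for a personal term.
    for candidate in ("Summer2011!", "P@ssw0rd-Is-Long-2011", "vT7#qLm2&Rz9!xWb"):
        print(candidate, "->", check_password(candidate, ["Smith"]) or "ok")
```

Pass your own name, birthday, pet names and similar details as `personal_terms`, since those are the terms that can be associated with you.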
Is there anything else that you do to keep your Facebook login and account secure? Let us know in the comments.