How To Properly Protect Your Facebook Account, Login
Facebook has been rolling out new or improved security and privacy features in rapid succession for the past year.
Many of the changes have only been announced on the official blog and third party sites like Ghacks that report about them. Facebook users who do not read the official blog or third party sites like mine may have missed some or even all of the security and privacy changes. Most new features are added as opt-in features to the social networking site, which means that many users have not enabled them yet.
This short guide lists the important changes and some general tips to improve a Facebook account's security and login.
Facebook Account Hardening
Most security features on Facebook deal with the log in on the site. This is where we start as well.
Facebook password
Make sure you use a secure password on Facebook. Best passwords are made up of a combination of letters, numbers and special characters. It is suggested to use at least 14 characters, the more the better. Make sure that you do not use dictionary words, names or other terms that can be associated with you.
To change your password do the following: Click on the menu icon in the upper right and select Settings from the menu. You may load https://www.facebook.com/settings directly as well to open the Settings.
Locate and activate Security and Login under Settings and click the change password link after the page has loaded
A form opens on the same page where you need to enter your old password and the new password. A click on Change Password completes the process so that the new password will be the valid password from that moment on. You will be logged off all computers when you change the password.
Login Notifications
You can enable this option to receive emails whenever someone logs in to your Facebook account from an unrecognized computer.
- Select Edit next to "get alerts about unrecognized logins" on the Security and Login page on Facebook's website.
- Make sure that "get notifications" is checked for Notifications and/or Messenger.
- If you want to receive alerts by email, enable email alerts on the page as well.
Facebook notifies you automatically when it recognizes logins from devices that the service can't link to you.
Two-factor authentication
Two-factor authentication is probably the most important security feature next to selecting a secure password for your Facebook login.
The feature adds another layer to the authentication process which means that attackers can't just use a Facebook user's email address and password to sign in anymore but need a secondary code as well that is generated in real-time.
Select "use two-factor authentication" on the Security and Login website to enable the feature. You need a mobile phone for that, and may get codes via SMS or by using an authentication application.
Facebook walks you through the setup process on the website. Check out this help page on the Facebook website for additional information.
Other things you may do or enable:
- View and manage the list of authorized devices. Remove any device that you don't recognize or don't use anymore.
- Choose contacts that you trust to avoid getting locked out.
- Provide Facebook with your OpenPGP public key so that the company may encrypt all emails it sends to you.
- Check the list of recent emails sent by Facebeook.
- Verify that your contact information, especially the email address, is correct.
Is there anything else that you do to keep your Facebook login and account secure? Let us know in the comments.
Old information that is no longer valid
Secure Browsing (https)
You can open Facebook by loading http://www.facebook.com/ and https://www.facebook.com/. The difference? The HTTPS variant is more secure, as it uses encryption which blocks access to spy on your network traffic. That's for instance helpful if you connect to the site from a public computer or wireless network.
Security Question
The security question and answer are used by Facebook to identify the account owner, for instance when you contact them because you do not have access to your account anymore. It is important to select a question and answer that only you can answer. Remember that you can add any answer that you want. Instead of answering "What was the last name of your first grade teach" with Mrs. Smith, you could instead use characters from your ID card, driver's license or a phrase that you can remember well.
You can change the Security Questions under Account Settings as well. Just select change next to Security Question this time.
Facebook Login Approvals
This new feature improves security by linking the Facebook account to your mobile phone number. Facebook sends a pin to the linked mobile phone whenever someone tries to log in from an unrecognized computer. You need to add your mobile phone number to Facebook before you can make use of that feature.
You can configure all three options under Account Settings. Locate Account Security there and click the change button to see the following configuration options.
It is suggested to enable all three, unless you do not want to add your mobile phone to Facebook. Enable the first two (secure browsing and login notification) then.
i cant open my own facebook.
The one about Login Notification was very useful to me. I didn’t know about that. Thanks for sharing.
I can’t find the security question. See screenshot below:
http://i54.tinypic.com/2rwmioz.gif
That’s strange.
Definitely a good idea to answer security questions with a strong password instead of handing over pet’s name, mother’s unmarried name, birthplace etc…