In the last few years, lots of hacked account has been reported to Facebook. So why hackers target it instead of other alternative like Gmail. This is because of less security and large targeting. Comparing to Gmail, Facebook security system is very poor. Moreover Facebook has wide variety of people to target including celebrities, politicians, musical bands etc., and this would be great platform for hacker ( usually one who want popularity ) to target large audience.
It's not the only case of celebrities and politicians, normal user also suffer from this. If you are not one of them, then you are lucky. Due to these reasons and reports, Facebook is now serious about security system and it has taken various major steps to advance it more. In today's tutorial I will guide you to secure your Facebook account so as to prevent it from being hacked by someone.
Not funny! But many of us don't know how to choose right Password. I have seen people using passwords like "ilovebullet", "iamthehero" etc., or using someone's name. These are just Shit. Maybe you have learned about permutation and combination in maths. Using this concept, hacker can create an automated machine to match your password. You should avoid this type of mistake. Its been said that long and complicated Passwords are more better and hard to hack easily.
The correct way is to include combination of characters ( capital and small both ), symbols and numbers. For Example: "ilovebullet" can be modified to "I<3Bullet". Here I am using 2 capital letters, 1 symbol, 1 number and 5 small letters. Whenever you create a new password, it shows strength side by side. Perfect strength is "Very Good" or it should lie between 70-80 percent.
Is Phishing a new word for you? Let me explain it. Phishing is an attempt to steal your username, password and credit card information using duplicate copy of original trusted website. The duplicate website is known as Phishing website which look same as that of original.
Usually hacker target people by sending automated unwanted mails ( known as Phishing mails ) which contain Phishing website link and works as bait. As you open it and login with your real username and password, all data will be sent to hacker. This can be more daring if you will submit your credit card information. Nowadays, Gmail and Facebook system is smart enough to detect such mail and Gmail will move it to spam folder. One the other hand Facebook will display warning message as you move to spam marked website.
Apart from Phishing mails, there are other ways available using which hacker can target you. For an instance think that you go cyber cafe and Phishing website is already opened in browser. From outside you may think that it's real one but not all the time. So below I have listed various precautions you can take before you become a real victim of this.
How to detect Phishing Website
Facebook has enabled login alerts using which you can know when your account has been logged in and on which device or browser. These alerts can be received as normal Facebook Notification, mobile message and E-mails. This can be helpful to know unwanted access to your account. If you find such case, simply change your password as soon as possible. You can turn ON login alert by Following these steps -
1. Login to your Account
2. Go to Settings
3. Find and Click "Security" tab.
4. Here you will find "Login Alerts" option. click the edit button next to it.
5. Now it will display 3 options as "Notification", "Email" ( for your primary email address ) and "Text Message" ( for your mobile number ). Simple enable one or more which suits you best and enjoy.
Facebook is now serious about spam links and hates such kind of activities that ruins normal user experience. Now its security system is smart enough to detect such links in easy way. Those links which are treated as spam will either be deleted. Otherwise you will be displayed with warning message to continue with them. Before leaving Facebook with any of the followed link, you just need to be sure whether it is safe or not. If Facebook is displaying warning message, then don't follow that link. If somehow you are sure about it, then continue but don't share your account information in any condition.
As you login for Facebook from any new device or browser, an IP address is automatically sent, which is saved in your account for that particular session. Your Facebook account will be logged in until you yourself doesn't logout it from that particular device or browser. Sometime it may happen that you don't have access to it. In such cases you can remotely remove their access by ending their active session. Simply follow these steps -
1. Login to your account and move to settings
2. Click on "Security" section.
3. Now click the edit button next to "Where You're Logged In". If you are on mobile version, then open "active session" option.
Here you will find a long list of all active sessions with their last accessed time, location and device type. Go through with all of them and select those which you find unfamiliar on the basis of their accessed time, location and device. Note: The location address may be different from your real location. In my case I am living In Uttar Pradesh, but it actually shows Delhi as my location. So before selecting an active sessions, make sure that they are far away from your real location like different state or country. If you find such case, first remove their active session and change your password as soon as possible. This is the best way to secure your account and keep watch on it regularly.
If you usually login with same browser or device, Facebook will mark it as recognized and treat it as trusted one. You won't get notified or have to confirm your identity when logging in from these devices. Each user has full access to check and manage them from their account. Simply follow these steps -
1. Again open settings and move to security.
2. Here you will find "Your Browsers and Apps" options. Click the edit button next to it. If you are on mobile than open "recognized devices" option. After this it will display a complete list of devices with their date of recognition. Select unfamiliar devices or browser and remove them.
Facebook keep note of all activities you follow and save them time to time. If you have tight security on Facebook including post review before they appear on your wall, than most probably you know about activity log. This is the place from where you can check what pages you like, whom did you followed and sent request. Moreover it can tell about each single like you made on photos and status. Apart from these it will list all books you liked, friend request you accepted and much more. To check your activity log, go to your profile and select "view activity log". You can filter results using sidebar menu options.
Now the question is why we need to check activity log ? Mostly hacker will use your account to spam other people ( your friends ) which include posting on their walls, posting to groups, liking unnecessary pages etc., Using activity log we can keep keen observation on all these things. Go through with all activities and check their for any malicious activity. If found, then remove it and change your password.
Facebook has added login approval feature which adds extra security layer to it. Using this you need to add another one time password ( OTP ) when logging in from new device or browser which isn't listed in your recognized devices. To enable this feature, follow below step.
Make sure you have Facebook app installed on your Android or iOS. Now login and move to option menu list. Scroll down to "help & settings" and click on "code generator". If you haven't activated then click "activate" button and it will display a 6 digit number. This number will be changed with another number in each 30 seconds.
Now next time whenever you will login with different device or browser, it will ask to add OTP - one time password in addition with normal password which can be retrieved from Facebook app code generator. If you want to disable this feature, simply go to account settings from desktop view and open security. Now click on edit button after "code generator" option and choose disable.
Earlier Facebook used to send OTP passwords on mobile number. But what if you are in remote area where no mobile connection exists. Due to this problem, Code Generator feature is added which is able to generate OTP even when your mobile is not connected to network.
Sometime it may happen that you will be forced to paste malicious script on address bar or in console box. Big shit! This is scam. You don't have idea about what's going on and boom you will be hacked. This type of scam works as bait for people and emotional force them to use it. For example: everyone want to know how to hack. But let me tell you there is no website or script which can do this. Now if you find someone claiming to teach you hacking, beware of such people. They are abusing Facebook policies. Keep Only one key mantra in your mind - never use unwanted script in you address bar and console box.
Do you use Facebook to login with other websites like Instagram, Pinterest, Linkedin etc., OK! Good. These websites are trusted one. But what for other scam websites like auto-liker and something like that. May be you have seen people using auto-liker on their photos and status. Let them do that shit. Be pure and enjoy real likes. If somehow you are using any auto-liker website and it ask you for app access token than please don’t do that before it's too late. Never ever share your personal details on such websites.
Apart from 11 security tips as mentioned above, there are few more you need to know in order to secure your account. All of them are listed below -
These are the best practices that I personally followed and I bet that your account will be surely 100% safe and secure if you follow these tips carefully. Last but not least, self security is best security. Beware of hackers and enjoy using Facebook features to its full potential. Still have some questions? Please ask me in comment. let's discuss more on security tips of Facebook.
It's not the only case of celebrities and politicians, normal user also suffer from this. If you are not one of them, then you are lucky. Due to these reasons and reports, Facebook is now serious about security system and it has taken various major steps to advance it more. In today's tutorial I will guide you to secure your Facebook account so as to prevent it from being hacked by someone.
1. Choose Right Password
Not funny! But many of us don't know how to choose right Password. I have seen people using passwords like "ilovebullet", "iamthehero" etc., or using someone's name. These are just Shit. Maybe you have learned about permutation and combination in maths. Using this concept, hacker can create an automated machine to match your password. You should avoid this type of mistake. Its been said that long and complicated Passwords are more better and hard to hack easily.
The correct way is to include combination of characters ( capital and small both ), symbols and numbers. For Example: "ilovebullet" can be modified to "I<3Bullet". Here I am using 2 capital letters, 1 symbol, 1 number and 5 small letters. Whenever you create a new password, it shows strength side by side. Perfect strength is "Very Good" or it should lie between 70-80 percent.
2. Beware of Phishing Websites
Is Phishing a new word for you? Let me explain it. Phishing is an attempt to steal your username, password and credit card information using duplicate copy of original trusted website. The duplicate website is known as Phishing website which look same as that of original.
Usually hacker target people by sending automated unwanted mails ( known as Phishing mails ) which contain Phishing website link and works as bait. As you open it and login with your real username and password, all data will be sent to hacker. This can be more daring if you will submit your credit card information. Nowadays, Gmail and Facebook system is smart enough to detect such mail and Gmail will move it to spam folder. One the other hand Facebook will display warning message as you move to spam marked website.
Apart from Phishing mails, there are other ways available using which hacker can target you. For an instance think that you go cyber cafe and Phishing website is already opened in browser. From outside you may think that it's real one but not all the time. So below I have listed various precautions you can take before you become a real victim of this.
How to detect Phishing Website
- Domain name may vary from real website. ( But not all the time, as it can be changed using JavaScript ). Before moving to any trusted website, please check its URL and match with real one.
- Check SSL Certificate - All trusted websites including Facebook have SSL ( Stands for Secure Sockets Layer ) certificate. It is a standard security technology for establishing an encrypted link between a server and a client. You can check it by clicking "green coloured lock button" left to site URL tab. If green lock button isn't available and site look similar to real one than I am sure it is Phishing website.
- Check HTTPS - Comparing to http, https is more secured URL. All trusted websites having SSL certificate uses https. You can check it by looking at URL.
- Layout Disorder - Most of the time fake websites will have layout disorder but it will look similar to original.
- Never share your password on unofficial website.
- Before logging in on cyber cafe, close all tabs and reopen again. When you leave computer, clear all history data including cache and passwords.
3. Turn ON login Alerts
Facebook has enabled login alerts using which you can know when your account has been logged in and on which device or browser. These alerts can be received as normal Facebook Notification, mobile message and E-mails. This can be helpful to know unwanted access to your account. If you find such case, simply change your password as soon as possible. You can turn ON login alert by Following these steps -
1. Login to your Account
2. Go to Settings
3. Find and Click "Security" tab.
4. Here you will find "Login Alerts" option. click the edit button next to it.
5. Now it will display 3 options as "Notification", "Email" ( for your primary email address ) and "Text Message" ( for your mobile number ). Simple enable one or more which suits you best and enjoy.
4. Beware of Spam Links
Facebook is now serious about spam links and hates such kind of activities that ruins normal user experience. Now its security system is smart enough to detect such links in easy way. Those links which are treated as spam will either be deleted. Otherwise you will be displayed with warning message to continue with them. Before leaving Facebook with any of the followed link, you just need to be sure whether it is safe or not. If Facebook is displaying warning message, then don't follow that link. If somehow you are sure about it, then continue but don't share your account information in any condition.
5. Remove Unwanted Active Session
As you login for Facebook from any new device or browser, an IP address is automatically sent, which is saved in your account for that particular session. Your Facebook account will be logged in until you yourself doesn't logout it from that particular device or browser. Sometime it may happen that you don't have access to it. In such cases you can remotely remove their access by ending their active session. Simply follow these steps -
1. Login to your account and move to settings
2. Click on "Security" section.
3. Now click the edit button next to "Where You're Logged In". If you are on mobile version, then open "active session" option.
Here you will find a long list of all active sessions with their last accessed time, location and device type. Go through with all of them and select those which you find unfamiliar on the basis of their accessed time, location and device. Note: The location address may be different from your real location. In my case I am living In Uttar Pradesh, but it actually shows Delhi as my location. So before selecting an active sessions, make sure that they are far away from your real location like different state or country. If you find such case, first remove their active session and change your password as soon as possible. This is the best way to secure your account and keep watch on it regularly.
6. Remove Unwanted Recognized Device
If you usually login with same browser or device, Facebook will mark it as recognized and treat it as trusted one. You won't get notified or have to confirm your identity when logging in from these devices. Each user has full access to check and manage them from their account. Simply follow these steps -
1. Again open settings and move to security.
2. Here you will find "Your Browsers and Apps" options. Click the edit button next to it. If you are on mobile than open "recognized devices" option. After this it will display a complete list of devices with their date of recognition. Select unfamiliar devices or browser and remove them.
7. Keep Watch On Activity Log
Facebook keep note of all activities you follow and save them time to time. If you have tight security on Facebook including post review before they appear on your wall, than most probably you know about activity log. This is the place from where you can check what pages you like, whom did you followed and sent request. Moreover it can tell about each single like you made on photos and status. Apart from these it will list all books you liked, friend request you accepted and much more. To check your activity log, go to your profile and select "view activity log". You can filter results using sidebar menu options.
Now the question is why we need to check activity log ? Mostly hacker will use your account to spam other people ( your friends ) which include posting on their walls, posting to groups, liking unnecessary pages etc., Using activity log we can keep keen observation on all these things. Go through with all activities and check their for any malicious activity. If found, then remove it and change your password.
8. Use Login Approval Feature & Code Generator
Facebook has added login approval feature which adds extra security layer to it. Using this you need to add another one time password ( OTP ) when logging in from new device or browser which isn't listed in your recognized devices. To enable this feature, follow below step.
Make sure you have Facebook app installed on your Android or iOS. Now login and move to option menu list. Scroll down to "help & settings" and click on "code generator". If you haven't activated then click "activate" button and it will display a 6 digit number. This number will be changed with another number in each 30 seconds.
Now next time whenever you will login with different device or browser, it will ask to add OTP - one time password in addition with normal password which can be retrieved from Facebook app code generator. If you want to disable this feature, simply go to account settings from desktop view and open security. Now click on edit button after "code generator" option and choose disable.
Earlier Facebook used to send OTP passwords on mobile number. But what if you are in remote area where no mobile connection exists. Due to this problem, Code Generator feature is added which is able to generate OTP even when your mobile is not connected to network.
9. Avoid Malicious Script Code
Sometime it may happen that you will be forced to paste malicious script on address bar or in console box. Big shit! This is scam. You don't have idea about what's going on and boom you will be hacked. This type of scam works as bait for people and emotional force them to use it. For example: everyone want to know how to hack. But let me tell you there is no website or script which can do this. Now if you find someone claiming to teach you hacking, beware of such people. They are abusing Facebook policies. Keep Only one key mantra in your mind - never use unwanted script in you address bar and console box.
10. Never Share Your App Token
Do you use Facebook to login with other websites like Instagram, Pinterest, Linkedin etc., OK! Good. These websites are trusted one. But what for other scam websites like auto-liker and something like that. May be you have seen people using auto-liker on their photos and status. Let them do that shit. Be pure and enjoy real likes. If somehow you are using any auto-liker website and it ask you for app access token than please don’t do that before it's too late. Never ever share your personal details on such websites.
11. Few More Security Tips
Apart from 11 security tips as mentioned above, there are few more you need to know in order to secure your account. All of them are listed below -
- Keep your antivirus updated. These are smart enough to detect malicious and Phishing websites and have power to secure you by 100%. So keep your antivirus updated with latest premium version.
- Never allow permission to Facebook apps which aren't official.
- Never share your personal information with anyone including your friends, family members and colleagues.
- Log into Facebook and if it ask to login again. Try to open it in new tab and close earlier one.
- Keep your browser and device updated.
- Regularly Change your password time to time.
- Don't download unwanted apps or software in your device. Download from trusted websites only.
- Logout your account after use from unfamiliar device or browser.
Over to You!
These are the best practices that I personally followed and I bet that your account will be surely 100% safe and secure if you follow these tips carefully. Last but not least, self security is best security. Beware of hackers and enjoy using Facebook features to its full potential. Still have some questions? Please ask me in comment. let's discuss more on security tips of Facebook.
Leave A Comment