This week in our Out Tech Your Kids Facebook group, we were asked how to prevent a Facebook hack, and specifically, if there were any security measures to take that might help. And yes, yes there are!
Here, a few really simple tips to help prevent a Facebook hack. They can save you so much hassle (or worse) in the long run.
And these tips are not just for Facebook, of course. These tips can be used for creating strong passwords and better security for Instagram, Twitter, your financial accounts, your online shopping favorites — anyplace, really, that can potentially be hacked.
Which means, really, everywhere.
How to prevent and report a Facebook hack
1. Use strong passwords!
Your first step, if you want to prevent a Facebook hack, is alllll about passwords.
In this post, we shared pro advice for creating strong passwords, recommending that a series of connected but unrelated words, ideally incorporating symbols, numbers and random capital letters, is your best bet. Like t0enail-josePhine-iamb1ic. Or wateriCe-hanoi1-sP0ngebob3.
Here’s some more advice for creating secure passwords, with a little more detail.
And if you want to learn whether any of your accounts at all have been compromised through major hacks (like say Adobe, Wells Fargo, or other big security breaches in the past), our reader Mel reminds us that you can visit haveibeenpwned.com and see exactly which accounts of yours may be compromised. It’s a little…scary. But better to know.
2. Do not reuse passwords, even if you’re making tiny changes to them.
You may love your one, single password that you’ve used forever. I get it! It’s easy, it’s comfortable, you think about it all the time. And I’m sorry…but you have to break up.
It’s not you, it’s them. You’re too good for them!
So let’s say PB&J25 is your go-to. Even if you tweak it to BP&J25facebook or PB&Jmastercard or PB&J7, these are easy patterns to uncover if you’re dealing with savvy hackers. Create a new one, and write it down safely somewhere — more on that below.
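To see why those tweaks don't count as new passwords, here is a small check, added as an example and not part of the original post, that strips away the parts people usually vary (capital letters, site names, numbers) and compares what's left. The site-name list and the 0.7 cutoff are assumptions made for this example.

```python
import re
from difflib import SequenceMatcher

# Constructed list of service names people tend to tack onto a password
# (an assumption for this example, extend it with the sites you use).
SITE_WORDS = ("facebook", "mastercard", "instagram", "twitter", "amazon")


def root(password: str) -> str:
    """Strip the parts people usually vary: case, site names and digits."""
    text = password.lower()
    for word in SITE_WORDS:
        text = text.replace(word, "")
    return re.sub(r"\d", "", text)


def similarity(old: str, new: str) -> float:
    """Similarity of the two roots, from 0.0 (unrelated) to 1.0 (same root)."""
    return SequenceMatcher(None, root(old), root(new)).ratio()


def is_tweak(old: str, new: str, threshold: float = 0.7) -> bool:
    """True when `new` is really just `old` with small changes.

    The 0.7 threshold is an assumption chosen for this example.
    """
    return similarity(old, new) >= threshold


def check_candidates(old: str, candidates: list[str]) -> dict[str, bool]:
    """Map each candidate password to whether it is a tweak of `old`."""
    return {candidate: is_tweak(old, candidate) for candidate in candidates}


if __name__ == "__main__":
    # The go-to password and its variations from the text above, plus one
    # of the example passphrases from tip 1 for comparison.
    results = check_candidates(
        "PB&J25",
        ["BP&J25facebook", "PB&Jmastercard", "PB&J7",
         "wateriCe-hanoi1-sP0ngebob3"],
    )
    for candidate, reused in results.items():
        verdict = "tweak of the old one" if reused else "genuinely new"
        print(f"{candidate}: {verdict}")
```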
3. Say yes to 2-factor authentication (2FA)!
This simply means that when you log in from a new device, after an app update, or after you’ve cleared your cache/cookies, for example, you’ll be prompted to fill in your password and provide a one-time code that is sent to you through another secure method that you’ve chosen.
Generally that will result in a text to your phone, an email, or even a phone call providing that code before you can log in.
1Password and similar apps will alert you if 2-factor authentication (2-FA) is available for your accounts
2-factor authentication is really a must if you want to prevent a Facebook hack. In fact, when you get that (legitimate) email or text that says “sorry you’ve had trouble getting into your account! Do you need to reset your password?” it’s a little freaky seeing that someone was just that second trying to access your account with a reset — but also reassuring that it was caught in time.
(And when that happens, go ahead, log right into your account directly, then change the password anyway.)
4. Use a secure password manager like 1Password
I have been raving about 1Password for years now, and I love it. (They are also now an affiliate, but I’d rave about them anyway.) It makes it so easy to create, store, and manage secure passwords, and — bonus — to see immediately if a password has been reused, or compromised in a data breach.
Oh, and don’t balk at the price. Do you pay to have a good lock on your front door? That’s what this is — a good lock for lots of important (and valuable) things that you don’t want hackers to have access to.
Tip: If you don’t have a password vault, you can use the Notes app (iOS) or similar for lists of passwords and lock it! Just click that little icon at top and now it’s safe. However, one more plug for a password manager, if you’ll forgive me — they have a lot of features that go beyond what you can do by writing stuff down. Like the breach alerts. Also, they make it like super easy to change a lot of passwords quickly, which is ideally something you should be doing every six months or so according to experts, or after any kind of attempted hack or breach.
Which brings us to…
5. Change your passwords every so often.
I know we won’t all really change all passwords every six months. Even if it does help prevent a Facebook (or other) hack, you probably have a lot of passwords! Instead, consider setting a calendar alert every 6 months just to change some of the more targeted types of accounts, like your social media and financial accounts, Amazon, and so on.
(If someone gets your one-time use password to your PTA account, it’s not great but it’s lower risk in terms of data being compromised.)
This is also a good opportunity to turn on 2FA if you haven’t already.
6. Don’t click any sketchy links. Trust your gut!
I know, I know. Spam links and phishing attempts seem to be increasing like crazy lately, especially in text — but it’s always been a problem in Facebook Messenger. I would suggest you don’t click anything in Messenger. Even from someone trusted. Tell them to email it to you or text you — a real friend will have that info.
And by all means, don’t click on any “YouTube” links in Messenger with notes like “Is this you in here? LOL” — I know it’s tempting to click, it’s designed that way! So you just go ahead and outplay them by not clicking. (And if it does come from a friend, you can be nice and let them know to change their password.)
If you are hacked on Facebook…
First off, argh. That really sucks. Be sure to report it ASAP to Facebook or have a friend do it, if you can’t get into your account.
Unfortunately, Facebook doesn’t make it too easy to find ways to report specific violations, so I found a few for you. Also, they’re not always the most responsive, especially when you’re freaking out about something like this, so get started on reporting hacks ASAP with these links:
– How to get help with a hacked Facebook account
– How to report a profile or Facebook page pretending to be you
– How to report an imposter account if you don’t have a Facebook account (for all you celebrities reading)
For more tips like these, or answers to your own questions, be sure to visit the Out Tech Your Kids Facebook community, which is arguably the most helpful, responsive, least judgmental group of parents talking tech.