HOW TO PROTECT YOUR FACEBOOK ACCOUNT FROM HACKERS (WITH 2-FACTOR AUTHENTICATION)
Seeing the increase in the number of Facebook accounts hacked in recent times, I've decided to make this post to show you how you can protect your own account. The need to protect our online accounts cannot be overstated. From hackers who post inappropriate content under your profile to those who solicit funds from your friends/contacts while impersonating you... the possibilities are endless! If you use WhatsApp, you might have noticed how a group shows a notification that one of the members changed their number, and suddenly the new number starts posting trivial stuff like Ponzi schemes, sure bet odds, etc. Your online profile is your identity online. Remember that. So without much talk, let's cut to the chase.
General Tips to protect your online accounts
#1. Use strong passwords. To create strong passwords use a combination of letters (A - Z, combining both capital and small letters), numbers and symbols (+&#@; etc).
#2. Don't create passwords that can easily be guessed. Passwords like "12345" and "password" are examples of the easiest passwords to hack (takes about 9 seconds, maybe less). Using your name in your password also isn't a very good idea.
#3. Don't use short passwords. The longer it is, the harder to crack.
#4. Don't keep your passwords where they can be found easily.
#5. Use different passwords for different sites.
#6. Change passwords often.
#7. Hackers' strategies revealed:
- Calls and notifications: If you ever get a notification by call, SMS, email, etc. that you requested one of your passwords or something similar, and you're pretty sure you didn't, it might just be a hacker onto you. Mistakes do happen though: someone can enter your details in error while requesting their own, and the message gets sent to you. Be on the alert when you receive calls asking for sensitive information. If you can't verify the authenticity of the call, it's best to drop the call and call the official platform yourself. Be wary of calls asking for your debit/credit card details (card number, CVV, card PIN, etc.).
- Spam links: This is one of the oldest tricks hackers use to get victims' information. The older way was to create a clone of a website and send a link to that cloned website to the victim by email. If, for example, they cloned facebook.com, when you land on their cloned website, the address bar could read "faecbook.com" (notice the misspelling) but the page would look exactly like the original website. When a victim enters their information to log in, thinking it's the original website, their login information is sent to the hacker. In recent times, the strategy took a different turn. The hackers create an irresistible offer (read as clickbait) such as free TVs, iPhones, scholarships, etc. for unsuspecting victims, who go ahead and sign up to redeem their "rewards". Most of the time, victims sign up with the same login information they use on other sites, so they end up giving that to the hackers.
How you can spot suspicious links
Facebook.com is different from facebook.xyz.com and bit.ly/facebook. Now, what's the difference?
In an official link, the website's name comes just before the domain extension. Domain extensions are the .com, .org, .net, etc. However, you need to be sure of the official domain extension in some cases, because not all official websites end in .com. In this case facebook.com is the official website; notice that "facebook" comes just before the ".com".
The second link is facebook.xyz.com. The actual website is xyz.com. So facebook.xyz.com is just a section (a subdomain) of the xyz.com website. This is not the official Facebook website.
The third link is bit.ly/facebook. Just like the second link, this link is not the official Facebook website. The website is bit.ly (.ly is the domain extension). So the link bit.ly/facebook is under the bit.ly website.
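The same check, written out as a small Python script. This is an added example, not part of the original post; the function names and the similarity threshold of 0.8 are assumptions chosen for illustration, and only facebook.com is treated as official, as in the text above.

```python
from difflib import SequenceMatcher
from urllib.parse import urlsplit

OFFICIAL = "facebook.com"        # the domain the article treats as official
BRAND = OFFICIAL.split(".")[0]   # "facebook"


def split_link(link):
    """Return (host, path) in lowercase, for links with or without a scheme."""
    if "://" not in link:
        link = "https://" + link
    parts = urlsplit(link)
    return (parts.hostname or "").rstrip("."), parts.path.lower()


def classify(link):
    """Say whether a link really belongs to the official website."""
    host, path = split_link(link)
    labels = host.split(".")
    # Official only if the host IS facebook.com or ends with ".facebook.com",
    # i.e. the name sits directly before the domain extension.
    if host == OFFICIAL or host.endswith("." + OFFICIAL):
        return "official"
    # The exact name used as a subdomain or as a page of some other website.
    if BRAND in labels or BRAND in path:
        return "brand on another site"
    # A near-miss spelling of the name (assumed threshold: 0.8 similarity).
    if any(SequenceMatcher(None, BRAND, label).ratio() >= 0.8 for label in labels):
        return "lookalike spelling"
    return "unrelated"


if __name__ == "__main__":
    # The links discussed in the article, plus one genuine subdomain.
    for link in ["Facebook.com", "m.facebook.com/login", "facebook.xyz.com",
                 "bit.ly/facebook", "faecbook.com"]:
        print(f"{link:22} -> {classify(link)}")
```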
Using 2-factor Authentication
There are several steps you can take to protect your Facebook account, but here we focus on 2-factor authentication, which is one of the latest security improvements provided by many websites. In the simplest terms, 2-factor authentication requires two forms (factors) of authentication before granting access to certain services. The most common authentication factors are passwords, one-time passwords (OTPs) and app-generated codes.
For this tutorial, you will need a smartphone with Duo Security installed (there are other apps like Authy).
Quick note: this tutorial assumes no technical skills so you may likely find it too simplified if you are an advanced user. Pardon me ;)
Follow the steps below to set up 2-factor authentication on the mobile app. If you use Facebook on a PC, scroll to page 10.
ON A SMARTPHONE (MOBILE APP):
1. Open the Facebook mobile app, log in and click on the hamburger menu icon at the top left:
2. On the menu, click "Settings and Privacy"
3. On the submenu click "Settings"
4. Next click on "Security and Login"
5. Click "Use two-factor authentication"
6. Under Select a security method, ensure that "Authentication App" is selected (click the blue circle beside it) and click CONTINUE at the bottom
7. A QR code and a 32-digit code will be displayed (see below). If you have both the Facebook mobile app and Duo Mobile app on the same smartphone, click the "Set up on the same device" link just below the QR code. It will automatically open Duo Mobile. Now skip to step 10.
If you have Facebook mobile and Duo Mobile on different devices, scan the QR code on top (to scan the QR code, focus your smartphone camera so the QR code appears in the scanning area - see photo in step 9). Alternatively, tap the 32-digit code at the bottom of the screen to copy it. Click CONTINUE.
8. Now open the Duo Mobile app on your smartphone. Click the "+" icon at the top right or click "GET STARTED".
9. If you copied the 32-digit code in step 7, on the next screen, click the "NO BARCODE?" button (labeled "N"). Then scroll down and select Facebook from the list that appears. If you're using the Facebook mobile app on a different device, scan the QR code at this point. To scan the QR code, focus your smartphone camera so the QR code appears within the scanning area.
10. Enter your Facebook email and the 32-digit code. You should see a screen like the one below. Tap the circled 6-digit code to copy it.
11. Now return to the Facebook mobile app, paste the 6-digit code from Duo Mobile app and click CONTINUE
On the next screen, you will see a notification that Two-Factor Authentication is On. Congratulations ;)
Very IMPORTANT! Remember that your two-factor authentication is secure as long as you don't expose your codes. Facebook isn't going to call you and ask you to tell them your code. Keep them to yourself. Cheers!
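For readers who want to see what the authenticator app does with the setup code from step 7: the code is a secret key written in base32, and the app combines it with the current time to produce each 6-digit code. The sketch below is an added example, not part of the original post and not Facebook's or Duo's own code; it assumes the standard TOTP settings (RFC 6238: HMAC-SHA1, 30-second steps, 6 digits), and the secret is the constructed RFC test key, not a real account's.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP = 30     # seconds each code stays valid (RFC 6238 default, assumed)
DIGITS = 6    # length of the code shown in the authenticator app

# Constructed sample: the RFC 6238 test key, which encodes to 32 characters.
SAMPLE_SECRET = base64.b32encode(b"12345678901234567890").decode()


def decode_secret(setup_code):
    """Turn the displayed setup code (base32, maybe spaced) into key bytes."""
    cleaned = setup_code.replace(" ", "").replace("-", "").upper()
    cleaned += "=" * (-len(cleaned) % 8)   # base32 needs a multiple of 8 chars
    return base64.b32decode(cleaned)


def totp(setup_code, at=None):
    """Return the 6-digit code for the 30-second window containing `at`."""
    at = time.time() if at is None else at
    counter = max(0, int(at) // STEP)
    key = decode_secret(setup_code)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(setup_code, submitted, at=None, window=1):
    """Website-side check: allow `window` steps of clock drift either way."""
    at = time.time() if at is None else at
    ok = False
    for drift in range(-window, window + 1):
        expected = totp(setup_code, at + drift * STEP)
        ok |= hmac.compare_digest(expected, submitted)   # constant-time compare
    return ok


if __name__ == "__main__":
    print("secret:", SAMPLE_SECRET)
    print("code now:", totp(SAMPLE_SECRET))
```

Anyone who holds the setup code can compute every future 6-digit code, which is why the setup code and QR code need the same care as the codes themselves.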