Over the last couple of years, Facebook has made great strides in security and privacy. But to ensure the right level of security for you, both casual and avid users need to understand the giant social network’s security options.
Security vendor Kaspersky Lab posted this week a how-to video on securing a Facebook account that’s worth reviewing to make sure your settings are right for you and the way you communicate with friends.
The First Step: Create A Strong Password
A usual, the first step is using a strong password. That means no names, Dictionary words, birthdays, keyboard patterns or – obviously – the word “password.” If you’ve used any of those easy-to-remember-but-easy-to-hack sign-ins, then head to your account settings and change it.
In general, a password should be at least eight random characters that include uppercase and lowercase letters, numbers, symbols and punctuation marks. “If you’re afraid you’ll forget it, then you’re probably on the right track,” said Brian Donohue, a writer for the Kaspersky Lab blog.
Link A Mobile Device
The next step is to link the Facebook account to a mobile device, so it can be used for security measures to be described later. Then go to security within account settings and enable secure browsing. This allows you to browse Facebook on a secure HTTPS connection whenever possible.
This connection prevents snooping when on an unsecure WiFi connection. Facebook has said this will be a default setting eventually, but has not specified when. Be aware that while HTTPS beefs up security, it can also slow down browsing the site. In addition, it can cause problems with third-party applications that do not support HTTPS.
Enable Login Notifications
Other security options include login notifications when an unrecognized device or computer accesses your account. You can choose between email or text notifications or both. There’s also the option of having a security code sent to your mobile phone whenever Facebook is accessed from an unrecognized device. To continue, you have to enter the code. Facebook also provides the option of generating your own codes on Android devices and iPhones.
For Facebook apps that can’t receive security codes, Facebook provides the option of app-specific passwords. This prevents, for example, people using an Xbox from being locked out when they have login-approval enabled.
Facebook users can set up trusted devices in advance, such as their home computer, work computer and mobile phone. This works in conjunction with login approval to notify people whenever another device tries to access their accounts.
Kaspersky also recommends periodically checking the active sessions within your security settings to make sure that someone with an unrecognized device has not been trying to access your account.
Privacy And Security
Beyond security settings, you can take privacy-related measures to boost your defenses against cybercriminals.
For example, when posting to your newsfeed, you have the option of tagging the person you are with at the time. While this is a nice detail to share with your other friends, Facebook users should be cautious about sharing such information, which can become a profiling tool for scammers, according to security vendor ESET.
Algorithms can be used to build a profile of you based on the people you spend time with the most. Scammers and identity thieves can use such information to build more targeted spearphishing attacks, tailoring the message of a malware-carrying email with personal information that makes it appear legitimate.
The same cautions should be used when sharing your location when posting to your newsfeed. If you post a picture while on vacation hundreds of miles from home, you open the possibility of someone breaking into your house while you are away.
In becoming one of the world’s default tools for interacting with friends, Facebook has also become a treasure trove of information and access for scammers, identity thieves and other cybercriminals. Facebook’s 950 million users can’t completely avoid the security risks, but occassionally taking the time to review and update your security options can go a long way to keeping you out of trouble.
Image courtesy of Shutterstock.