  • Mike Cooper

Better secure your social media accounts - Facebook


Better secure your LinkedIn account with 2-factor authentication

Having your Facebook account hacked can be an absolute nightmare and have potentially devastating knock-on effects, so here’s a useful way to help protect it from being hacked – enable two-factor authentication.


Facebook accounts have always been a rich target for cyber criminals. Think about the information your Facebook account holds: your name, your date of birth, your immediate family (as well as other close relatives) and where you live. Now imagine what a hacker could do with that information if they got hold of it...


The first step in protecting your Facebook account is your account password. Make sure it is a strong password that you are not using on any other account. Every password you use should be individual, but almost no one actually has separate passwords for each login. A good way to do this is to use a password manager, such as NordPass or Dashlane.


(For more information about Password Managers check out this Tech Radar article: https://www.techradar.com/best/password-manager).


Okay, step one complete, now we need to add another step to help keep intruders out, even those that manage to get hold of your password.


If you secure your account with two-factor authentication, an attacker will need access to a physical device in order to log in. Something that hopefully will be far harder for them to achieve.


Once two-factor authentication (2FA) is set up, you will receive an alert whenever anyone attempts to access your account. If it’s not you, you know you can ignore it and your account is still safe. However, it might then be worth changing your password, as the hacker may now have it.


Once the attacker realises you have 2FA, they will most likely give up trying to gain access to your account as the time and effort it would take to try and get around it wouldn’t be worth it.


Here’s how to set up 2FA on Facebook using the Facebook app on a mobile device.


  1. From your home screen, tap the three horizontal lines just below the icon for Facebook Messenger. This will open the menu for your Facebook profile.

  2. Go to 'Settings & privacy' – the icon looks like a cog and is at the bottom of the Facebook app.

  3. In this menu, go to 'Settings', then 'Accounts Centre' and then 'Password and security'.

  4. Scroll down this menu to 'Two-factor authentication'.

  5. Choose the Facebook account you want to secure. (You may also see your Instagram account here if you have one.) You may be asked for your password here; if so, enter it.

  6. The next screen will ask you to select a two-factor authentication security method – authenticator app or text message (SMS). Facebook recommends using an authentication app, such as Google Authenticator or Microsoft Authenticator, both of which randomly generate authentication codes each time you use the app. After you've chosen, press continue.

  7. You'll be asked to set up the third-party authenticator which, if you don't already have it installed, you can download from several sources. If the Facebook app is on the same phone as your authenticator app, tap 'Set up on same device', which will save the key to the app. You can also save the key by copying the code and manually entering it into the authenticator app.

  8. Confirm the prompt to save the key.

  9. Two-factor authentication has been enabled – providing an extra layer of protection to your account when there's an attempt to access it from an unrecognised device or browser.

  10. If you want to use an SMS as your security method – or as a backup option if your authenticator is unavailable – select 'Text message' (SMS) from the 'Select a security method' menu.

  11. Select the phone number associated with your Facebook account, or enter a different number you want a code to be sent to, then press 'Continue'.

  12. Facebook will send a six-digit code to the number you've entered. Once the code arrives in a message listed as from Facebook, enter it into the box and press 'Continue'.

  13. Two-factor authentication using text message is active and you'll be sent a code when there's an attempt to log in to your account from an unrecognised device or browser.


Here’s how to set up 2FA on your Facebook account using a web browser.


  1. From your home screen, go to account settings in the top right-hand corner – it shows a small version of your Facebook profile picture.

  2. Open the drop-down menu and select 'Settings & privacy' – the image looks like a cog – then click through to 'Settings'.

  3. Click on the ‘Accounts Centre’ panel on the left-hand side of the screen.

  4. Click on 'Password and security'.

  5. On the right-hand side of the screen, click on 'Two-factor authentication'. It will now bring up any accounts you have, including your Instagram account if you have one. Click on the relevant account and add your password if required. Then select 'Use two-factor authentication'.

  6. Select a method of two-factor authentication – Facebook recommends using an authentication app, such as Google Authenticator or Microsoft Authenticator, both of which randomly generate authentication codes each time you use the app.

  7. A QR code will appear on screen – scan it using your authenticator app. Alternatively, manually enter the code that is displayed into your authenticator app.

  8. Confirm the prompt to save the key.

  9. Two-factor authentication has been enabled – providing an extra layer of protection to your account.

  10. If you want to use an SMS as your security method – or as a backup option if your authenticator is unavailable – select 'Text message' (SMS) from the 'Select a security method' menu.

  11. Select the phone number associated with your Facebook account, or enter a different number you want a code to be sent to, then press 'Continue'.

  12. Facebook will send a six-digit code to the number you've entered. Once the code arrives in a message listed as from Facebook, enter it into the box and press 'Continue'.

  13. Two-factor authentication using text message is active and you'll be sent a code when there's an attempt to log in to your account from an unrecognised device or browser.

The Microsoft Authenticator is a software-based service that uses time-based one-time passwords to authenticate you with a different service. Other methods of authentication include one-time codes texted to your mobile phone or sent via email.


To download the Microsoft Authenticator, click on the relevant link below and follow the instructions.



If you would prefer to use your own authenticator app, such as Google Authenticator, please do so and then adjust the steps accordingly.


Any time you now log in to Facebook, you will also need the authentication app to confirm it is you. If you ever get a random request, and you know you aren’t trying to log in anywhere, do not authenticate it and immediately change your Facebook password (as well as the passwords of any other accounts that you are using the same password on!).


Stay safe out there folks. If you are worried about the security of your business IT, please get in touch.



