This is the IT era. Several fast ways of communicating have been developed. Social networking is a rapidly growing part of the IT industry these days, and Facebook is leading the race. People share updates, pictures and videos and interact with one another via instant messaging on Facebook. It is necessary to keep yourself secure on Facebook, because anyone can gain access to your account if you are negligent. This guide will help you increase the security of your Facebook account, control what you see, and control which of your data other people see. The user is the first line of defense against any threat. Read this thoroughly if you want to avoid embarrassment on Facebook or other related issues.
How do accounts get hacked?
Before moving on to the security tips, I want to explain some common methods of Facebook account hacking in theory. It will help you understand how the bad guys do it.
- Guessing – This is the simplest way to get into someone's account. As the name suggests, the hacker guesses the victim's password. It works when your password is your phone number, birthday, girlfriend's name or any other common word from your life.
- Shoulder surfing – The hacker learns your password by standing beside you while you type it. This can only be done by a person who is near you.
- Social engineering – This involves gaining the victim's trust and manipulating him into revealing his secrets. It is simply tricking someone into telling his password, by pretending to be the IT manager or a friend.
- Phishing – This is the most successful way of hacking into someone's account. It is done by creating a fake page that looks like a Facebook login page. The page is sent to the user via IM or email. When the victim enters his/her password on that page, the page usually redirects to the original Facebook and the hacker gets the login credentials.
- Brute Force Attack – This does not work very well these days, but hackers still practise it. In this attack, the hacker automates the login submission and the brute-force software tries different password combinations until the password matches. It usually takes a very long time.
- Dictionary Attack – This is a simpler version of the brute force attack. The attackers just try a set of dictionary words and automate the attempts using software.
- Istealers – This is a type of software that is installed on the victim's computer and then sends the login details the victim enters on any website to the hacker. This software usually comes attached to cracked software or bound to files downloaded from insecure and unauthentic sources.
- Keyloggers – This software records the victim's keystrokes and sends the record to the hacker. It is installed in the same way as Istealers.
- Sniffing – Monitoring the network traffic of someone else's computer. Passwords that are sent in plain text can be extracted in this way. Websites usually use SSL or https to overcome this issue.
- Insecure Systems – Hackers can extract your passwords from insecure website forums and use this sensitive information on other websites that are more important.
- Cookie Stealing – A website saves its data in the browser in the form of cookies/cache. A hacker can steal this and extract data that can be used to hack into the victim's account.
Tips for a secure password
The password is the first step in securing your Facebook account. A stronger password makes it harder for hackers to break into your account. The following tips can be used to make your password super-secure.
- Password must contain more than 9 characters.
- A password containing a combination of lowercase letters, uppercase letters, numbers, symbols and spaces is considered the most secure.
- Don't use your name, birthday, phone number, address, or any other personal information as your password. This gives the hacker the easiest way into your account.
- You can also use a shortened phrase as a password, such as "My home is in river", for which the password can be "Mh!ir6". In this way you can remember your password easily.
- Don't save your passwords in text files, and don't write them down in your notebook or diary.
- Use different passwords for different websites. For example, don't use your Facebook password as your bank login password.
- Don't keep the same password for years or even months. Change all your passwords frequently to ensure security.
- Use different passwords especially for websites that are not SSL secured and don't start with https.
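The tips above can be turned into a simple check. The following is an added example, not code from the original guide; the function names and the sample profile (name, birthday, phone number) are constructed for illustration.

```javascript
// Added example: checks a candidate password against the tips listed above.
// SAMPLE_PROFILE is constructed data, not a real person.
const SAMPLE_PROFILE = {
  names: ["Ayesha Khan"],
  birthday: "1990-05-30",        // YYYY-MM-DD
  phone: "+92 300 5550142",
};

// Expand personal details into the strings someone guessing would try first.
function personalTokens(profile) {
  const tokens = new Set();
  for (const word of (profile.names || []).join(" ").toLowerCase().split(/\s+/)) {
    if (word.length >= 3) tokens.add(word);
  }
  if (profile.birthday) {
    const [y, m, d] = profile.birthday.split("-");
    [y, d + m + y, m + d + y, d + m + y.slice(2), m + d + y.slice(2), y + m + d]
      .forEach((t) => tokens.add(t));
  }
  if (profile.phone) {
    const digits = profile.phone.replace(/\D/g, "");
    if (digits.length >= 6) { tokens.add(digits); tokens.add(digits.slice(-6)); }
  }
  return tokens;
}

// Returns the list of tips the password breaks (empty list = passes).
function checkPassword(password, profile = {}) {
  const problems = [];
  if ([...password].length <= 9) problems.push("length");   // "more than 9"
  if (!/[a-z]/.test(password)) problems.push("lowercase");
  if (!/[A-Z]/.test(password)) problems.push("uppercase");
  if (!/[0-9]/.test(password)) problems.push("number");
  if (!/[^A-Za-z0-9]/.test(password)) problems.push("symbol"); // symbol or space
  // Strip separators so "30-05-1990" is still recognised as a birthday.
  const squashed = password.toLowerCase().replace(/[^a-z0-9]/g, "");
  for (const token of personalTokens(profile)) {
    if (squashed.includes(token)) { problems.push("personal"); break; }
  }
  return problems;
}

for (const pw of ["Ayesha1990", "30-05-1990 Ak!", "river Home 47 ?blue"]) {
  console.log(JSON.stringify(pw), checkPassword(pw, SAMPLE_PROFILE).join(", ") || "passes");
}
```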
Keeping the above in mind, we will proceed further and look at some other things that are helpful, or even necessary, to ensure the lasting security of your Facebook account.
The first thing you should do when logging into your Facebook account is check whether your connection with Facebook is secure. The lock sign and https indicate that the website is using SSL (Secure Sockets Layer) to exchange information between the user and the Facebook server. If the https is missing, then type it yourself to ensure security while logging in. This also protects you from sniffing over insecure public wifi networks.
Avoid Phishing
Phishing pages are fake Facebook login pages created by hackers to gain access to the passwords of their victims. These pages look exactly like the Facebook login page, or may differ from it slightly. These pages can easily fool you, so before logging into your account make sure the URL is accurate. It should be https://www.facebook.com/. If the URL is different, then avoid logging in. If you did so accidentally, then change your Facebook password immediately. This email was reported to me by a fellow:
“Dear Facebook User,
You are receiving this message to notify you about the new security feature from Facebook
called “Fan Page Verification Program”.
After many Fan Pages have been stolen lately leaving us no choice but Deleting them forever,
we had to come up with an original solution about the Fan Page’s Security.
Luckily, your Fan Page, has a lot of likes and provides High Quality Content, which qualify it for
To complete this process you must choose a 10-digit number (it can be any number) and that
number will be assigned as your Security code”. This code will be the new passphrase for
changing anything important for your Fan Page, like the Admin roles or other important
Please be aware that this process is open only until 30.05.2013 and its mandatory to complete
it. If you don’t, your Fan Page will be suspended permanently since it is not considered safe for
the wide audience.
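The URL check described above, before the quoted email, can be automated. This is an added example, not part of the original guide; the function name is made up for illustration, the trusted host is the one the guide gives, and the sample links are constructed.

```javascript
// Added example, not from the original guide.
// The only trusted host is the one the guide names; adjust the set if needed.
const TRUSTED_LOGIN_HOSTS = new Set(["www.facebook.com"]);

function checkLoginUrl(input) {
  let url;
  try {
    url = new URL(String(input).trim());
  } catch (err) {
    return { ok: false, reasons: ["not an absolute URL"] };
  }
  const reasons = [];
  if (url.protocol !== "https:") reasons.push("scheme is not https");
  // Everything before '@' is login data, not the site name.
  if (url.username || url.password) reasons.push("userinfo before '@'");
  if (url.port !== "") reasons.push("non-default port");
  if (!TRUSTED_LOGIN_HOSTS.has(url.hostname)) {
    const punycode = url.hostname.startsWith("xn--") || url.hostname.includes(".xn--");
    reasons.push((punycode ? "punycode host " : "unexpected host ") + url.hostname);
  }
  return { ok: reasons.length === 0, reasons };
}

// Constructed sample links (".example" hosts are placeholders).
const SAMPLE_LINKS = [
  "https://www.facebook.com/login.php",
  "http://www.facebook.com/",
  "https://www.facebook.com.verify.example/login",
  "https://www.facebook.com@verify.example/",
  "https://www.faceb00k.example/",
  "www.facebook.com",
];
for (const link of SAMPLE_LINKS) {
  const { ok, reasons } = checkLoginUrl(link);
  console.log(ok ? "OK    " : "REJECT", link, reasons.join("; "));
}
```

The host is compared as a whole, so a link that merely starts with or contains "www.facebook.com" is still rejected.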
Activate Notifications
It is very helpful to activate the notification system of your Facebook account. Whenever someone, or even you, tries to log in from an unknown location or computer that you have never used to log in before, you will receive an email or SMS (if you have added a mobile number, which is recommended) about the login. Go to the Settings tab > Security, click Edit on Login Notifications and enable them. It is better to activate them on mobile rather than email, because we don't check our email very often and a mobile text is quick. The choice is yours, but mobile is recommended.
Login Approvals
This is a kind of two-step authentication in which not only your password but also your mobile phone is used to log in to the account. Every time you try to log in, a code will be sent to your phone and you have to enter it for a successful login. In case you don't have your phone with you, click on "Get Codes" and print the codes shown there. Keep them safe and use them when you don't have your phone with you. These days this is the best practice for keeping your account safe and secure with double authentication, because a hacker must have both your phone and your password to access your account.
Code Generator
If you are a smartphone user, then this could be an even better practice than mobile notifications. "Code Generator" is a feature available in the official Facebook mobile app for both Android and iOS. When you try to log in from an unknown device or location, you will be asked to submit the code after the password. This code is similar to the codes that are sent to you via mobile. Simply scroll down in the Options tab of your Facebook mobile app and click on Code Generator, and a code will be displayed to you. Enter this code where it is requested and you are done. You can activate this feature by going to Settings > Security. Activate it as shown in the figure.
Trusted Fellows
This feature lets you add three trusted fellows to your account. In case your account gets compromised, the Facebook team will send the password recovery details to those friends. Choose them wisely. It is better to confirm that their accounts are well secured, because a hacker can hack their accounts and get access to yours. It also helps if these three people don't know each other, so they cannot harm you together, because we can't trust anyone in this cruel world.
Active Sessions
Facebook added a feature to see the logged-in sessions of your account on different computers. You can see them and end them at any time. When you click on "End activity", the session will be closed automatically on that device. Check this regularly and close all sessions that do not need to be open. In this area Facebook also shows you details of the device, the IP address (for location) and the browser, so you can recognize each session. Go to Settings > Security > Where You're logged in.
App passwords
Many web applications are integrated with Facebook and use the OAuth feature for registration. Whenever a user registers on a website using Facebook, Facebook shares the user's information with the website, and sometimes the websites even retrieve the password as well. If the website is poorly secured, then anyone can get your password from that website. Sometimes hackers even make duplicate apps to get user details. Using the "App Password" feature of Facebook, you can use different passwords for apps. Make this different from your Facebook login password, because that is the whole point.
Trusted Browsers
If you have enabled mobile login approvals, then every time you log in Facebook asks you whether to save the browser or not. Only save it when you think the PC is trusted. You can view the list of all the trusted browsers you have saved in Settings > Security. Remove browsers you no longer need regularly. This is also a good practice for Facebook account security.
After logging in, some of the other things which you may practice are:
Avoid Use of Malicious codes
Don't paste any code into your browser if you don't know how it works and what it is for. Many tricks available on the internet involve the use of scripts or code in the URL, such as auto-likers, "all friend remover" tools or emoticons. These scripts can be malicious too. So if you are not a geek and don't understand coding, please refrain from using them. They can lead to your account being hacked.
Avoid Clicking the Suspicious Links
Suspicious links may appear to be shortcuts to funny pictures, videos, downloads, shocking news or "Like" buttons. These traps are designed to steal your personal information. However, you can protect yourself from them by following the security tips and not downloading unwanted software. Hover over a link without clicking and you will see the full URL of the link at the bottom of your browser. Use URL scanners like URLVOID and MYWOT, which allow you to enter the URL of a suspicious link to check it for security.
If you are using someone else's computer, then make sure that you are doing it in Incognito Mode or a Private Tab. This prevents the browser from storing history, cache and other data. In Chrome, you can do this with Ctrl+Shift+N. If you are a Firefox user, you can do this with Ctrl+Shift+P. In the Opera browser, this can be done with Ctrl+Shift+N. Keep in mind that using an Incognito/Private tab will not hide your browsing from your employer, your Internet Service Provider or the website that you are using. But it is still good practice to use Facebook in a Private tab on someone else's computer.
I will update this guide, so keep in touch with this post. Feel free to ask about anything that is unclear. Feel free to share your suggestions as well, to make this better.