On 28th September 2018, Facebook discovered a security weakness that could let attackers hijack people’s accounts. Although Facebook claims this vulnerability has been fixed, there are precautions to take.
Here are a few tips for securing your Facebook account:
1. Do a Device Audit
The best way to determine whether someone has gained improper access to your account is to do an audit of the devices that you have used to log into Facebook. On Facebook’s Security and Login page, under the tab labeled “Where You’re Logged in,” you can see a list of devices that are signed into your account, as well as their locations. If you see an unfamiliar gadget or a device signed in at an odd location, you can click the “Remove” button to boot the device out of your account.
2. Change Your Password
To be extra safe, you probably should change your password although Facebook claims the weakness has been fixed.
Always choose a complex one — and do not reuse a password you have used on a different site. Try creating long and complex passwords consisting of nonsensical phrases or one-sentence summaries of strange life events and add numbers and special characters, like: “My favorite number is Turquoise 6745#”.
3. Turn on Two-Factor Authentication
Like many sites, Facebook offers a security feature called two-factor authentication. It involves text messaging a unique code to your phone that you must type in after entering your password. This way, even if someone else gained access to your password, it would be difficult to log in without that code. Even though Facebook fixed this week’s security vulnerability, every user should have this feature turned on.
