Secure Your Social Media Accounts in Three Steps

If you follow CBC National on Twitter, you may have noticed that their account was acting strange on March 4. Someone tweeted a single-word expletive to the account's 320,000 followers.

CBC quickly removed the inappropriate tweet and announced that their account had been compromised. They have yet to explain what exactly happened.

Account Hacking

Social media account hacking is not a rare thing. In July 2020, for instance, hackers gained access to several high-profile Twitter accounts, including those of Barack Obama, Bill Gates, Jeff Bezos, Joe Biden, and Elon Musk. And in 2017, BBC and New York Times Twitter accounts were hacked.

As for regular users, thousands of individual social media accounts are compromised every day. Some users end up losing their accounts after hackers change passwords. Many others continue using their accounts, unaware that they no longer have exclusive access.

The good news is that there are three quick and relatively easy fixes that will help most users secure their accounts.

1. Create Strong and Unique Passwords

Make sure that you use a strong and unique password to protect your account. I keep reiterating this point because most users have sloppy password habits.

Passwords are your first line of defence against cybercriminals. If you want this defence to hold, make sure that every password you use is at least 12 characters long and includes obscure (or better still, totally random) combinations of uppercase and lowercase letters, numbers and special symbols. Also, never reuse the same password for several accounts.

2. Use Two-Factor Authentication

Unfortunately, even the strongest passwords can be compromised. Cybercriminals use sophisticated phishing attacks or malware to steal account credentials. They can also get your password from one of the increasingly frequent data breaches.

That is why it is important to have a strong second line of defence. All social media platforms and email services now provide a two-factor authentication (2FA) option. When enabled, this option requires that in addition to entering a password, you provide a second piece of evidence to convince the platform that you have the right to access a specific account.

This means that even if someone steals your password, they will not be able to access your account without getting their hands on this second "authentication factor".

This second factor can be a hardware security token, SMS code, your biometrics (face or fingerprint) or a numerical code generated by an authenticator app on your phone. The SMS code option is the least secure as it is relatively easy for a hacker to get that code.

The other three 2FA options are equally good. You should choose one that suits your needs and habits. I always recommend using an authenticator app on your phone to generate numerical 2FA codes that expire after 30 seconds. Authy and Google Authenticator are both reliable and free options.

3. Secure Your Devices

You need to make sure that the devices you use to access your accounts are secure. Criminals commonly gain access to other people's devices either by stealing them or by infecting them with malware.

Here are key device security tips:

• Make sure that the device you are using is protected by a strong passwords and that the screen is set to lock automatically after a brief period of inactivity.

• If you share a device with someone else, make sure you are using a separate password-protected user account to access social media.

• Make sure you use a reliable antivirus that installs updates automatically.

• Make sure your operating system is up to date and that it installs updates automatically.

• If possible, disable the "remember my password" option in your browser. If you use social media apps, consider disabling automatic sign-in.

It is important to understand that these fixes will not protect your social media accounts from all possible hacking attacks. But they will protect you from the overwhelming majority of attacks aimed at stealing account credentials.