You may have heard about the recent Facebook security news mentioning that founder and CEO Mark Zuckerberg’s account was hacked and an unauthorized message was posted in his name. He got off easy on the message if the story in the movie The Social Network is accurate but you may be wondering, how did his account get hacked?
As you might expect when the boss gets hacked the employees scramble to pick up the pieces and stop that type of embarrassment from happening again. Soon after Facebook announced security enhancements that all users of the site should consider implementing right away.
Facebook Security Change #1 – Secure Connections to Facebook using Encryption (Https)
The going theory is that Zuckerberg’s account was hacked because he logged into his account via an insecure connection and his login information was intercepted. Implementing encrypted connections to Facebook. Facebook users had always previously connected to the site over unencrypted logins so this is a long overdue change to improve Facebook security.
How to implement Facebook secure authentication –
While logged into Facebook go to Account Settings > Account Security and check the box that says Browse Facebook on a secure connection (https) whenever possible
Facebook offers a disclaimer that this may slow your connection to Facebook down but it is an important step to take especially if you frequently log into facebook while away from home on untrusted networks.
Account activity tracking is Facebooks method to track what type of device you are accessing Facebook with and to provide a notification mechanism when a new device type/location is being used to access your account. These alerts can be configured to send you a text message or email when a new device accesses your Facebook account.
How to check Account Activity Tracking
While logged into Facebook go to Account Settings > Account Security and review your Account Activity. If you notice an unauthorized connection you also have the ability in this area to terminate the connection (and it would also be advisable to change your password at the same time in case there is a problem)
The encrypted login security setting was long overdue but I view the 2nd Facebook security setting as a really nice feature that many online banks do not yet even offer (even though they should be).