Hacking of Facebook accounts have been a very commonÂ scenario, they are various methods you one could get the accounts hacked, be it carelessness or forgetfulness, sometimes it’s not even the fault of the users, the hackers are smart enough toÂ get access to your account.
We portrayed how Sidejacking or Session Hijacking works and who to prevent Session Hijacking, there are some other means like Social EngineeringÂ etc that can cause your account to be compromised.
Today, we shall have a look at the security Facebook provides and how to tweak and optimize to get the best security for our Facebook account.
All the settings for Security on Facebook are available in the Account Settings Tab, which can be found on the top right, where the logout button is present, we are talking about the new Facebook layout which was updated in August 2011.
Click on the Security Tab once you enter the Account settings and there you shall find all the security features Facebook has to offer.
Once you hit the Security Tab, you will be welcomed with the following screen, we will run you through what each one does and how important it is for you to use it.
1. Secure Browsing
Rememeber we spoke about session Hijacking where the server only sends encrypted data during the Login process and then all the subsequent request are exchanged in Plain text, well here is how you can force Facebook to have your entire browsing session to be encrypted, Enable the “Browse Facebook on a secure connection (https) when possible”. This will help you to prevent session hijacking attacks
2. Login Notification
Facebook has this unique feature to let you know when and where you account was accessed and which device accessed it via what Location.
The When part is covered here, whenever your account is accessed via a different machine or IP address, it has to pass through a checkpoint where Facebook asks you to name the device, once you do that, it will record the IP and few other details. Now it would be useless if you aren’t notified about it, if you enabled Email and text Notification, you will get the updates on your email and your registered cellphone number as soon as your account is accessed from an unregistered computer. Plus it gives you a lot of details about the PC and the Location as well as the time of access
3. App Passwords
App passwords are one-time passwords you can use to log in to your apps. Using app passwords will help keep your Facebook password safe. And if you haveÂ login approvalsÂ turned on, when you use an app password you won’t have to wait to receive a code. Instead, you can skip login approvals and log in immediately.
To get an app password:
- Go to yourÂ Security SettingsÂ page (Account > Account Settings > Security)
- Find the App Passwords section and clickÂ Edit
- Click theÂ Generate app passwordsÂ link
- Type in the name of the App and clickÂ Generate Password
- Go to your app and use that password to log in
Note that we will save a list of the apps you generate app passwords for, but we won’t save the passwords.
4. Recognized Devices
The Where part is covered here, this section shows you from where your account was accessed and what date, Facebook won’t notify you the next time the account is accessed from these devices. If you wish Facebook to alert you, you can remove the devices from the list
5. Active sessions
This sections tell you the current active session of your account on Facebook, so If I see one session is active from Mumbai, India and Â the other from Palo Alto, CA, I know something is wrong right? Oh, unless your girlfriend is in Mumbai 😉 then it’s perfectly fine.
Yes, i could go ahead and end the session remotely by click on the end activity link, so that the access to that particular session isÂ deprecated
We hope this helped you out configuring your Facebook security settings, if you have any queries, feel free to mails us at [email protected] or join us on our Facebook PageÂ for a discussion or evenÂ Subscribe to Dhawal’s updates on Facebook.
Hey you can now adds The DNetWorks to your Circle on Google+