If you spend much time on Twitter, you may have noticed that one of NBC’s Twitter accounts was hacked earlier today and used to distribute false messages about a terrorist attack in New York. Although NBC and Twitter quickly took action to take control of the account back from the hackers, the incident still looks bad.
NBC is taking it very seriously — as they should. The network’s Brian Williams delivered an on-air apology during the newscast tonight, and doubtless NBC’s new media team is already assessing how to prevent this from happening again.
While they react to an embarrassing breach, we’d like to encourage all of our readers to be proactive in safeguarding your social media accounts from hackers. Here are five steps you can take to strengthen your account security.
- Use a unique password for your social media accounts. You should not be using the same password for Facebook or Twitter that you use for email, or for online banking. If somebody breaks into your email account, they have instant access to your Facebook account if you use the same password. Your account is more secure if you use a different password.
- Choose strong passwords both for your social media accounts and for email. “mydogbailey12” is not a strong password. A strong password should not consist of any words that you could find in a standard dictionary of any language (unless it’s a language you invented). Instead, use acronyms that would be meaningless to anybody except you. Mix in some numbers and punctuation for a strong, hard-to-crack password.
- Always use HTTPS. HTTPS stands for Hypertext Transfer Protocol (HTTP) Secure. When you connect to a website using HTTPS, your connection is encrypted, reducing the likelihood that somebody will be able to intercept sensitive information like your usernames and passwords. Facebook and Twitter have HTTPS modes, but unfortunately, they are not enabled by default. You have to turn them on in your account settings (see how by clicking on the preceding links). This is something you can and should do right now! You can also install HTTPS Everywhere if you’re a Firefox user. This extension will force your browser to default to a secure connection on many popular websites, not just Facebook and Twitter.
- As a general rule, do not log into your social media accounts from a shared computer. You have no way of verifying that a public or shared computer is secure and free of malware. HTTPS can protect against man-in-the-middle attacks, but if you’re the computer you’re using is recording your keystrokes, HTTPS won’t save you from being unknowingly compromised.
- Think twice before authorizing a third-party application to access your social media accounts. For instance, time-wasting Facebook games like Mafia Wars are best avoided altogether. If you do want to connect a game to your account, research its origins and verify that the game is coded and distributed by a legitimate developer… before you grant it access.
Finally, an addendum to the third guideline: If you primarily post to Twitter or Facebook from a desktop or mobile application of some sort (TweetDeck, Echofon, HootSuite, etc.) make sure those applications are sending and retrieving data over a secure connection. If the application you’re using does not support HTTPS, find one that does. If you’re not sure, ask the developer.
If you follow the above guidelines in addition to making the security of your devices a priority (ensuring all of your computers have a firewall and antivirus suite installed, requiring passwords after periods of inactivity, enabling remote wipe capability on your smartphone, etc.) you’ll be better protected against hacking attempts.
Most people have no idea how unprotected they are — take action to protect your own social media accounts and make time to help others do the same.