Would you hand over your Twitter and Facebook account to someone you don’t know voluntarily and let them do with it as they choose? Well, unless you protect your accounts, you may be doing just that. Here’s how to do it.
As many of you know, I am a big advocate of social media and what it can do for not only businesses, but for people in general, with the ability to connect individuals from across the globe in ways they have not been able to do so in the past. The reason for this post is, I was reading an article on a new mobile app that allows people to sniff a network you’re on (such as a public network at your local coffee house or hangout) and take over your Facebook, Twitter and YouTube accounts, just by running the app on the same network. Pretty scary thought, right? Well, I wanted to share the steps to protect your accounts against this type of behavior with you right here.
How to protect your Facebook account:
Option #1: Whenever you go to Facebook in a web browser, be sure to type “https://” in front of the www.facebook.com, not just “http://” This will enable you to connect to Facebook through a secure connection. This option works fine when you remember to do so, but what if you forget, or what if you click a link to get to Facebook and don’t realize it’s not a secure connection when you get there? As such, I’d recommend looking at option #2 below:
Option #2: Navigate to the "Account Security" section of the Account Settings page. Once there, make sure the check box next to “Browse Facebook on a secure connection (https) whenever possible” is checked. Here’s the step by step below with screenshots (click any image for full size):
There are also some additional options on the page like the “Login notifications” and “Login Approvals” options (see third screen shot above) for when your account is logged into by another device that you might be interested in as added protection.
How to protect your Twitter account:
Option #1: For Twitter, similarly to Facebook, you have the option to navigate to a secure connection by adding the “s” in your web address when going to the site (https://twitter.com instead of http://twitter.com), but again, what if you forget or what if you click a link to get to Twitter and don’t realize it’s not a secure connection when you get there? As such, I would again recommend going with Option #2 below:
Option #2: Go to your settings and check the box next to “Always use HTTPS,” which is at the bottom of the page. Here’s the step by step below with screenshots (click any image for full size):
One thing to note with Twitter, when accessing Twitter from your mobile browser, you need to go to https://mobile.twitter.com to use HTTPS for now because turning on HTTPS in your settings does not force HTTPS in a mobile connection at this time.
In the spirit of full transparency, if you read the article above that I referenced, inside there they include links to blog posts from both Facebook and Twitter that include steps to secure your accounts. If you are interested in reading the full article and blog posts, I would encourage you to do so. So why did I redo the information included there here on my blog vs. just sending you to the article? Simple. You and I both know that just pointing people to that article and asking you to go to two more sites beyond there would equate to a large number of people choosing to do it later or not following through. This is one of those items where I wanted to pull the important information front and center for you above in a very easy “Do this: 1, 2, 3” approach so that more of you actually take the steps above to protect your accounts.
Now, I hope many of you will now take the few minutes it actually takes to go and check your Twitter and your Facebook accounts to ensure you have enabled these security settings for yourself, because whether it is Firesheep, or the mobile app from the article, or some other attempt to take over people’s social media accounts, it is better to take the steps available to you today than to wait until it is far too late and your accounts are being used by someone else for any number of untold bad intentions. Happy socializing and I look forward to seeing you online in the world of social media!
Did you find this information helpful? If so, you may want to make sure you are utilizing all of the areas I share information online, such as: my Facebook page, my Twitter account, my LinkedIn account, and my blog. Plus, you can now get all of the latest Microsoft Partner Information right on your phone!
Thank you and have a wonderful day,
Eric Ligman – Follow me on TWITTER, LinkedIn, and RSS and see “What I’m thinking” Director, Worldwide Partner Experience Microsoft Corporation This posting is provided "AS IS" with no warranties, and confers no rights
Great info Eric, and really, really timely!
what is the difference between the https;// to http://
@ Yellowcotton - As noted in the blog post above, including the "s" at the end causes it to connect via secure connection vs. non-secure connection.