Congress Party Vice President Rahul Gandhi's Twitter account was hacked Recently. The hacker posted tweets from Gandhi's account using foul language. Following that, the Indian National Congress' official Twitter account was hacked. Last week, Twitter accounts UB Group chairman Vijay Mallya and NDTV journalist Barkha Dutt and Ravish Kumar's accounts were compromised. This year has seen recurring incidents of celebrity and big ticket accounts being hacked. Hacked accounts include those belonging to Facebook co-founder Mark Zuckerberg and Google CEO Sundar Pichai.
These episodes underscore the importance of securing social media accounts which one uses frequently. Hackers are often trying to get hold of every piece of personal and private data that they can lay their hands on. Here is a quick guide to secure your social media accounts.
First, a couple of basic tips. It always helps if your password is an alphanumeric string with special characters. Though this fact has been iterated ad nauseam in many tech blogs and by security experts, people just seem to ignore it. Mark Zuckerberg's password for one of his personal social media accounts was 'dadada'.
As boring and tiresome as it sounds, it is important to keep changing your password every few weeks. The ideal practice would be to change it once in every 30 days, but anything over 90 days is to risk inviting trouble. You can use password managers such as Last Pass and Zoho Vault. It is also a good practice to enter the password for logging in when people are not watching. Social hacking -- a term used for peeking and learning the details over someone's shoulder, is a big reason why many accounts are compromised.
Now, big ticket social networks offer their own services as well. Let's take a look at the security measures that these social networks have for their users.
It is always a good idea to secure your account with this microblogging website, given that the Twitter CEO has had his account hacked. Twitter allows a method called Login Verification which requires the user to sign-in with a combo of the password and a six-digit code sent through SMS while logging in.
The process is quite simple. You need to go to your account settings and click on 'security' to turn the verification on. The process involves feeding some basic information such as your mobile number. You will get a six digit verification code to identify you mobile number which you can link with your account. Twitter suggests that you generate a backup code as well and take a screenshot. This will come handy in the eventuality of you losing your mobile phone or replacing it with a new one. Now every time you log in, you'll be asked for a six digit code which you will get through SMS.
The world's biggest social network also follows a similar process for users' security. It calls two-factor authentication 'Login Approvals'. The process is quite similar and you can activate the login approvals by going into settings and clicking on the security settings to follow the instruction.
Facebook also has a couple of other features, such as login alerts. So, when you log in to your account, you get an email and a code to approve the login if it has been done by you. If it is an instance of attempted hacking, you can deny the login as well. Besides, you can see all the active sessions on different devices to keep track of any unsolicited login.
Google offers many ways to make your account secure. First is of course, the two-factor authentication. But here, you can choose to receive the code through a call instead of an SMS. Google has made authentication a bit simple as well. You can download an application called the Authenticator to link your mobile phone with the account. So, the next time you log in, after entering the password you'd just have to tap verify on your smartphone (or an Android wear watch).
Google also allows you to enter the recovery email, so in case your account is lost or compromised it can be used to reset your password.
The recent hacks on the well-known accounts on Twitter also suggest that the hackers took control of the email servers of the organizations and used it to gain access. The companies also must perform an audit of their servers to ensure that the information of the employees is intact.
It is also advised to use password protection service such as LastPass and 1Password for additional security.
Some other websites such as Instagram also have security features to ensure user safety. If you use any other security measures, share it with us.