Aug 2, 2021, Infrastructure

Secure your Google, LinkedIn and Facebook account

Damian Stańco IT Support Specialist

Today, people tend to judge a person or a company based on their online profiles. And these opinions are quite fragile – they can be violated if someone unauthorized gets access to our social media or other platforms used for communication with current and potential clients. This article will cover all available functions provided by Google, Facebook and LinkedIn that can help us protect our accounts and stay safe. 

In a recent article, we have covered in more detail all aspects of identity protection using multi factor authentication. Now, we would like to discuss all available security functions, provided by Google, Facebook and LinkedIn that can not only help us protect our accounts, but also our privacy. 

General rules

Before we go into more detail about how to secure each service, let’s take a look at some general rules you should follow.

Protect your password

  1. Use unique passwords for each service or web page you log into.
  2. Don’t use simple passwords. Below is a list of common easy to break passwords:
    • 123456
    • 12345
    • 123456789
    • password
    • iloveyou
    • qwerty
    • rockyou
  3. Never use your birth date, wedding date or your spouse’s name or any easy identifiable information as a password. If you do, you’re asking for trouble.
  4. Use hard to guess passwords which are at least 10 characters long. 
  5. Use password management software like Dashlane, 1Password, Lastpass, etc. They will enable you to generate safe passwords like hE&Lgc!Fk#Kp3gR$ and store them in a secure way. 

Don’t share your identity information with anyone

  1. There are many fake websites that will try to get the identity of your account, most commonly using an email phishing.
  2. Check the URL (web page address) before you enter any information
  3. Never click on a dubious link, even if you get it from a known company or a person

Securing your Google account

If I could recommend one thing you should do from time to time, it would be doing a Security Checkup to get personalized security recommendations for your Google Account. You will be able to check:

  • The devices to which you are signed in
  • Recent security activity
  • 2 step verification settings
  • Your saved passwords

Google provides many different possibilities of securing an account. In case of a two-step authentication by-default setup, It uses phone verification on the device you’re logged in. If you want, you can use a different authentication option, like an SMS, call, Google Authenticator or security key (U2F). 

Apart from that, Google allows generating backup codes which can be printed or saved on the device and used in case of lack of access to our phone. What’s important is securing the codes so that they wouldn’t fall into the wrong hands – it might cause us to lose the entire account. From the level of security menu we can view all the devices we’re logged in and check what other companies applications have access to our account. If we don’t recognize a certain device, we can log it out remotely. We’re also able to flag particular devices as trusted – in that case we won’t have to go through the second part of the authentication process.

LinkedIn made safer

Apart from a standard protection with a password, LinkedIn allows us to launch a two-step authentication through our phone number (SMS) or an authentication application. As for now, the platform doesn’t support security key verification and generating backup codes. It allows us to track our active sessions, so from time to time we can check if we recognize them all (verifying approximate location and an IP address). If something’s not right, we can log out a session or be logged out from all the active sessions. In case of having problems with logging into a LinkedIn account, the platform gives us a possibility to reset our password using a phone number. 

Facebook – regaining access to an account through friends

The platform has many popular options of account protection like phone authentication (SMS), application authentication or a security key (U2F) which is not a common practice among other social media portals. Additionally, Facebook has a very unique option of regaining access to an account by our friends. If we lose it, we can simply ask some of them (3-5 people) for help. A friend will get a special code which can be used in the process of regaining access. But don’t worry – this friend won’t be allowed to use your account. 

Summing up

Strong account protection allows us to stay calm facing possible account hacking. Nevertheless, there are some cases in which, despite the protection, we can still lose our access or someone unauthorized can log in. A situation like this happened lately on the Polish YouTube account “Uwaga Naukowy Bełkot”. In spite of two-step authentication, hackers got into the account and broadcasted live cryptocurrencies transmission which resulted in blocking the channel. They didn’t get access by breaking the account’s protection or password theft, but using a plugin that had permission to broadcast live. This example shows that, although the account was protected by a strong password and a two-step authentication, there are other ways to get in. That’s why it’s so important to check what permissions are given to downloaded applications and plugins.