Quick Fix for a Facebook Security Issue

Facebook has a nice little security hole, and someone has already done a “proof of concept” hack to show that it’s easy to get into someone’s account. The hack involves “listening” as people log into Facebook using an open network (such as what you’d find at Starbucks) and capturing names and passwords. Once that happens, the hacker has all he needs. He can log in with the captured Facebook credentials and post things and comment on things and delete things and generally cause a bunch of trouble. You don’t want that.

Unfortunately, the person who developed the hack released it into the wilds, making it possible for anyone with a little knowledge to hack into other people’s Facebook accounts. Fortunately, it’s really easy to prevent anyone from hacking into YOUR Facebook account, and double-fortunately, here I am to tell you how.

First, go to the Account menu and choose “Account Settings.”

Second, click “Change” in the Account Security section.

Third, make your settings look like this and click Save .

The most important one is “Secure Browsing (https)”. The others are optional, but it would be interesting to know that someone has logged into your account, right when it happens, wouldn’t it? If that does happen, make another trip to this same Account Security section in Facebook’s settings and if it’s not authorized, you can click an “End Activity” button to turn off that machine’s access. Don’t be alarmed (like I was) if you see something like this in Facebook’s settings:

When I saw this, I thought “Whoa, who was accessing my account in Anaheim at 4:36 PM?” Turns out the location is VERY approximate. If you hover your mouse over the location, they show the IP address for that location, and it turns out they were off by a few miles. The IP they reported was my own. (You can determine your own IP by going to www.whatismyip.com).

Changing this one security setting takes less time to do than to read about. Do it now and you’re all set.


by


Leave a Reply

Your email address will not be published.