Skip to content
by
  • Products
  • Free Tools
  • Search
  • Free Sophos Home
XG Firewall
Next-Gen Firewall
Intercept X
Next-Gen Endpoint
  • Sophos Cloud Optix
  • Sophos Central
  • Sophos Mobile
  • Intercept X for Server
  • Secure Wi-Fi
  • Phish Threat
  • SafeGuard Encryption
  • Secure Email
  • SG UTM
  • Secure Web Gateway
For Home Users

Sophos Home protects every Mac and PC in your home

Learn More
Free Security Tools
Free Trials
Product Demos
Have you listened to our podcast? Listen now

Facebook rolls out ‘Security Checkup’ tool to all desktop users

03 Aug 2015 2 Facebook, Privacy, Security threats
Facebook rolls out 'Security Checkup' tool to all desktop users

Post navigation

Previous: Mt. Gox founder Mark Karpeles arrested – but not over missing Bitcoinage
Next: Can you trust Tor’s entry guards?
by Lee Munson

Facebook rolls out 'Security Checkup' tool to all desktop usersFacebook wants you all to have a safe experience on its social network, says Product Manager Melissa Luu-Van who, late last week, revealed how the Menlo Park firm was introducing a new security notification for its web-based users.

After a few months of testing with a limited pool of users, the company has begun rolling out a new “Security Checkup” tool to half of the world’s online population.

If you are one of the estimated 1.5 billion people who log in to the social network at least once a month you will, over the coming weeks, be met with a notification at the top of your desktop newsfeed (Security Checkup for mobile applications is expected to roll out “soon”).

A distinctive box, labelled “Stay Secure on Facebook,” will urge you to look at three ways you can improve your security on the social site.

While the prompt offers nothing new – its simply a rehashed way of looking at the options under Settings > Security – I would suggest running through it to ensure that your account is as safe as possible.

The three areas covered by the Security Checkup tool are connected devices, login alerts and passwords.

1. Log out or delete unused apps

The first step will present you with a list of previously used browsers and apps that have not been used to connect to the social network for at least a month. By reviewing this list you can ensure that you are only logging in to Facebook from devices and apps that you are still using. You can either log out of all unused apps at once or select specific ones to terminate.

I urge you to go further than that though and cultivate the habit of logging out of anything you aren’t using. If you’re logged in to something but you aren’t using it you’re leaving yourself vulnerable to Cross-Site Request Forgery (CSRF) attacks.

2. Get warning of attempted account hijacks

The second part of the checkup will prompt you to enable login alerts if you haven’t already done so. When login alerts are enabled, you will receive a notification via your chosen delivery method (the Facebook app, email and/or phone) which will let you know if someone subsequently tries to hijack your account by logging in from a new device or browser.

3. Choose a strong password

Lastly, Facebook uses its new tool to offer up some password tips, such as not reusing login credentials, avoiding the use of names and other common words, and not sharing passwords with anyone else.

This last aspect, while useful, is pretty basic so if you now feel compelled to beef up your password security, the following video is just what you need:

If you haven’t received a notification at the top of your newsfeed yet you can still run the Security Checkup right now – it only takes a couple of minutes.

While I think Facebook’s decision to encourage its users to consider the security implications of how they use their accounts, as well as previous efforts to educate on the topic of privacy via its lovable blue cartoon privacy dinosaur, are a great step in the right direction, the advice on offer is still pretty basic.

Sure, it’s better than nothing, but you may want to do more to protect your account and control your privacy. In which case, you can visit the full set of security and privacy tools via your General Account Settings page.

Or check out our own detailed tips for enhancing your privacy and making your Facebook account safer.

Image of Facebook user courtesy of Denys Prykhodov / Shutterstock.com .

  • Follow @NakedSecurity on Twitter for the latest computer security news.

  • Follow @NakedSecurity on Instagram for exclusive pics, gifs, vids and LOLs!

Free tools

Sophos Firewall Home Edition

Boost your home network security.

Sophos Scan & Clean

Free second-opinion scanner for PCs.

Sophos Cloud Optix

Monitor 25 cloud assets for free.

Post navigation

Previous: Mt. Gox founder Mark Karpeles arrested – but not over missing Bitcoinage
Next: Can you trust Tor’s entry guards?

2 comments on “Facebook rolls out ‘Security Checkup’ tool to all desktop users”

  1. ronifae says:
    August 3, 2015 at 4:05 pm

    Ha! Thanks to previous Sophos articles, I didn’t need to make any changes and passed with flying colors.

    Reply
  2. Intel ID says:
    August 4, 2015 at 6:10 am

    Good article…

    But this security tool still doesn’t stop over-sharing, and the inherent risks associated with it. For example, one could easily hack a facebook account without the owner ever being contacted, solicited, messaged, or having any files downloaded, links clicked or information elicited.

    Reply

What do you think? Cancel reply

Recommended reads

Dec29
by Paul Ducklin
9

US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?

Dec14
by Paul Ducklin
2

Patch Tuesday: 0-days, RCE bugs, and a curious tale of signed malware

Jan25
by Paul Ducklin
2

GoTo admits: Customer cloud backups stolen together with decryption key

  • About Naked Security
  • About Sophos
  • Send us a tip
  • Cookies
  • Privacy
  • Legal
  • Intercept X
  • Intercept X for Server
  • Intercept X for Mobile
  • XG Firewall
  • Sophos Email
  • Sophos Wireless
  • Managed Threat Response
  • Cloud Optix
  • Phish Threat
© 1997 - 2023 Sophos Ltd. All rights reserved. Powered by WordPress VIP