Facebook wants you all to have a safe experience on its social network, says Product Manager Melissa Luu-Van who, late last week, revealed how the Menlo Park firm was introducing a new security notification for its web-based users.
After a few months of testing with a limited pool of users, the company has begun rolling out a new “Security Checkup” tool to half of the world’s online population.
If you are one of the estimated 1.5 billion people who log in to the social network at least once a month you will, over the coming weeks, be met with a notification at the top of your desktop newsfeed (Security Checkup for mobile applications is expected to roll out “soon”).
A distinctive box, labelled “Stay Secure on Facebook,” will urge you to look at three ways you can improve your security on the social site.
While the prompt offers nothing new – its simply a rehashed way of looking at the options under Settings > Security – I would suggest running through it to ensure that your account is as safe as possible.
The three areas covered by the Security Checkup tool are connected devices, login alerts and passwords.
1. Log out or delete unused apps
The first step will present you with a list of previously used browsers and apps that have not been used to connect to the social network for at least a month. By reviewing this list you can ensure that you are only logging in to Facebook from devices and apps that you are still using. You can either log out of all unused apps at once or select specific ones to terminate.
I urge you to go further than that though and cultivate the habit of logging out of anything you aren’t using. If you’re logged in to something but you aren’t using it you’re leaving yourself vulnerable to Cross-Site Request Forgery (CSRF) attacks.
2. Get warning of attempted account hijacks
The second part of the checkup will prompt you to enable login alerts if you haven’t already done so. When login alerts are enabled, you will receive a notification via your chosen delivery method (the Facebook app, email and/or phone) which will let you know if someone subsequently tries to hijack your account by logging in from a new device or browser.
3. Choose a strong password
Lastly, Facebook uses its new tool to offer up some password tips, such as not reusing login credentials, avoiding the use of names and other common words, and not sharing passwords with anyone else.
This last aspect, while useful, is pretty basic so if you now feel compelled to beef up your password security, the following video is just what you need:
If you haven’t received a notification at the top of your newsfeed yet you can still run the Security Checkup right now – it only takes a couple of minutes.
While I think Facebook’s decision to encourage its users to consider the security implications of how they use their accounts, as well as previous efforts to educate on the topic of privacy via its lovable blue cartoon privacy dinosaur, are a great step in the right direction, the advice on offer is still pretty basic.
Sure, it’s better than nothing, but you may want to do more to protect your account and control your privacy. In which case, you can visit the full set of security and privacy tools via your General Account Settings page.
Or check out our own detailed tips for enhancing your privacy and making your Facebook account safer.
Image of Facebook user courtesy of Denys Prykhodov / Shutterstock.com .
Ha! Thanks to previous Sophos articles, I didn’t need to make any changes and passed with flying colors.
Good article…
But this security tool still doesn’t stop over-sharing, and the inherent risks associated with it. For example, one could easily hack a facebook account without the owner ever being contacted, solicited, messaged, or having any files downloaded, links clicked or information elicited.