As a Naked Security reader, you might find it hard to believe that this is really a thing…
There’s a rumor floating around in certain corners of the internet that you can “prove” your Facebook account is secure by triggering an animation in the comments section.
Unfortunately, memes like this do make the rounds, and though they might strike the more security-savvy amongst us as silly or trivial, let’s instead examine why these memes might be capturing peoples’ attention.
One of the security-related claims making the rounds is this:
Mark Zuckerberg, CEO of Facebook, invented the word BFF. To make sure your account is safe on Facebook, type BFF in a comment. If it appears green, your account is protected. If it does not appear in green, change your password immediately because it will be hacked.
If you haven’t used Facebook in a while (or are team #NeverFacebook or #DeleteFacebook), you might not know about a little UI feature that has been slowly rolling out across the social network in the past few months. Basically, if you type a certain phrase – like “congratulations” or “happy birthday” – in a Facebook post or comment, Facebook will automagically bold and add color to the text, and if you click the highlighted phrase, a little animation will appear in your browser. (“Congratulations” will shower confetti, that kind of thing.)
So according to the meme above, if a comment or post has the term “BFF” in it (BFF, meaning “Best Friends Forever”), a “secure” account will see that text turn green. (Presumably, an “insecure” account would see no change at all.)
Hopefully the vague nature of this claim has set off all your alarm bells. What does “your account is protected” mean in the context of Facebook? Why on earth would this be a hidden feature, only to be mysteriously conjured via mirth injection when typing in “BFF”? Is Facebook really our BFF when it comes to security?
Just to be crystal clear, there’s absolutely no truth to this claim, though that hasn’t stopped the rumor from spreading.
So why does a rumor like this have any staying power? Perhaps it’s a secret conspiracy of highly security-minded users trying to use a meme to get people to change their passwords frequently, as a sort of backdoor method to better security, but that sounds about as likely as Zuck inventing the BFF acronym.
It’s more likely that the segment of Facebook users who think a claim like this might be true might also be unaware that the power to better secure their account from hacking attempts, and to verify the security of their Facebook account, lies entirely within their control and it never requires typing in a magic acronym.
The keys to the kingdom for your Facebook account’s security are all in the Security area of Facebook settings. From there, you can change your password to something unique to your account and enable two-factor authentication when you log in. These changes would do a lot of good to protect a Facebook account, and will certainly make a bigger impact than typing “BFF” in a comment box.
If you see this meme making the rounds with your friends and family, chances are they’re concerned about their Facebook account’s security but might not know that they can do something about it.
Resist the urge to ignore and move on (or snark, if you’re more that type), and instead make this meme a teaching moment: Encourage them to check out their account’s security settings and help them gain some real peace of mind.
And, if you want to read about some of the most ridiculous examples we’ve seen, read our article about 3 of Facebook’s dumbest hoaxes.