Securing your social channels

August 18, 2021
Andy Murphy

Photo by Scott Webb on Unsplash

We’ve recently heard of a couple of incidents involving our clients’ dealers social pages being stolen by hackers and used to spam people, or even just passwords forgotten and access lost. You’ve worked hard to build up your Facebook, Twitter and Instagram channels so it’s worth taking a little time to make sure you follow a few simple tips to secure them

1 – Get a decent password

Don’t go with “Password123″ or “Tiger900”. They are easily guessable by the machines that hackers use to guess passwords. Most browsers these days offer the option to suggest much more unique and therefore secure passwords, use that functionality or follow this advice from Google about creating a longer more unique password

2 – Switch on two-factor authentication

This is becoming an increasingly common way of securing access to your online accounts and it’s one that you should take advantage of. What it means is that as well as requiring the password, a second code is also needed to log in. That code is generated at the time you are attempting to log in, this is typically texted to a pre-designated mobile phone, or some people have an app on their phone called Google Authenticator which generates a time-sensitive code for you to use. Make sure you switch this on for you, and anyone that accesses your business account. More details on how to enable it can be found here for Facebook and Instagram, and here for Twitter.

3 – Take the time to see who has access to your page

Over time, we allow different team members or people we are working with on projects to have access to our pages. It makes sense at the time but sometimes we forget that those people still have access. Think of those people as doors to your vault. It may not be a problem, but each door is a potential weakness. Requiring two-factor authentication for everyone that accesses your page will help, but if you don’t do that then you are relying on everyone keeping their own social accounts as secure as yours – not advisable. So just double check that everyone that has access still needs access.

While you’re in there, take the time to check the page roles and permissions. You will want to have two page admins so that if you get locked out, then somebody else you trust can still get in, but nobody else should be an admin.

4 – Set up trusted contacts

If there’s nobody in the business that you feel comfortable with giving admin access to, then you can set up trusted contacts who can help you regain access to your account if you are ever locked out. They can send you a recovery code with a URL that will help you get back in. More details can be found here
If you are in any doubt about whether your account has been hacked, report it here –

If you want any more advice on helping your brand navigate these and other new digital challenges, get in touch