Have you heard of the most recent incident happened on September 25, 2018 where Facebook’s engineering team found a security issue affecting 50 million Facebook accounts? If you haven’t, here’s an quick information of what had happened.
Based on Facebook’s investigation regarding this matter, Facebook pointed out that attackers exploited a vulnerability in Facebook’s code that impacted “View As” a feature that lets people see what their own profile looks like to someone else. This allowed them to steal Facebook access tokens which they could then use to take over people’s accounts. Access tokens are the equivalent of digital keys that keep people logged in to Facebook so they don’t need to re-enter their password every time they use the app.
As of this moment, Facebook already announced that they have fixed the issue and that they will temporarily disable the “View as” feature while they are conducting a security review.
This is just one of the many instances that our security online is at risk. One solution that could avoid our account being infected by such attacks is to enable Two-Factor Authentication on all our social media accounts.
What is Two-Factor Authentication? Two Factor Authentication, also known as 2FA, two step verification or TFA (as an acronym), is an extra layer of security that is known as “multi factor authentication” that requires not only a password and username but also something that only, and only, that user has on them, i.e. a piece of information only they should know or have immediately to hand – such as a physical token. (Click here for the source)
I, myself is very concern about the security of my data and information online, thus I switched on all my social media accounts’ Two-factor Authentication. I will be posting a couple of article showing how to enable the two-factor authentication on common social media platforms like Facebook, Instagram and Twitter.
For now, check on your smartphones and go through your settings and explore on how to enable the Two-Factor Authentication on your accounts. I would personally recommend to enable the two-factor authentication as much as possible.