Do you remember the last time you updated your passwords? If not, it’s time to make your New Year’s resolution to change your social media passwords!

Unfortunately, we’ve recently seen an increase in malicious activity on social media channels, especially Facebook. People are reporting hackers compromising their personal accounts and accessing their business’ Ad Manager account to run false ads.

Hackers can do significant damage and spend thousands of dollars on an ad account in a matter of minutes. Be proactive in preventing vulnerable access to your accounts by taking action now.

Create a New Password

You’ll need to change your passwords frequently to best manage accessibility. Consider changing your password every three months. Prevent hackers with strong passwords and two-factor authentication.

Here are some suggestions to follow when picking a new password:

  • Use at least 12 characters in passwords when possible
  • Use a mix of alphabetical and numeric characters
  • Use a mixture of upper- and lowercase; passwords are case sensitive
  • Use symbols if the system allows (spaces shouldn’t be used as some applications may trim them away)
  • Don’t use only one or two properly spelled words (these are some of the easiest passwords for hackers and robots to crack)
  • Don’t use the same password for multiple accounts

Examples of innovative passwords include:

  • A combination of letters and numbers to make a phrase like “many colors”, e.g., mnY@c0l0rzz! or a misspelled phrase, e.g., 2HotPeetz@s$ or XtreemF00tbllFan@23
  • Odd characters in an otherwise familiar term, such as phnYbon@lol4 instead of funnybone
  • A combination of two unrelated words, like Rabbit@Bui1ding
  • An acronym for an easy to remember quote or phrase. Example: “A bird in the hand is worth two in the bush!” becomes Abithiw2itb!
  • Easily phonetically pronounceable nonsense words, e.g., RooBee-Red4u or gud-Eetz!yuhm.
  • Two words separated by a non-alphabetic, non-numeric, or punctuation character, e.g., Pretty%Cats7 or Animal@Toyz8#

To put the importance of strong passwords in perspective, explains that a password with 8 lowercase letters can be hacked by a computer nearly instantly. A password with 12 characters that contains at least one number, one uppercase letter, and one symbol would take 34,000 years to be hacked by a computer.

Manually Log Out of Suspicious Devices

One good thing about Facebook is that it records your previous active sessions, where you login from, and what devices you used to access your Facebook account.

Checking current active sessions is easy. Navigate to Account > Settings > Security page and scroll down or look down the list until you find ‘Active Sessions’. Edit or log out of anything that seems suspicious or isn’t recognizable as a device you own. All previous sessions will be listed, together with the current active session at the top of the list. Click on the link ‘End Activity’ to kill the activities from other devices you don’t recognize.

Set Up Two-Factor Authentication

Two-factor authentication is an additional security step that helps protect your accounts. Every time you enter your password, two-factor authentication will generate a special login code to your email or phone number. The special code will then be entered to allow access to the account. It may also send a notification asking if you’re attempting to log in on another device to confirm that it’s your attempt.

To set up two-factor authentication on Facebook, navigate to Security and Login Settings>Use two-factor authentication>Edit. From there, you’ll be able to choose between a few different security methods, including text messages and login codes.

Watch Out for Bad Links

Never click on suspicious links – even if they come from your friends. If you receive a link, always take the extra step of asking your friend what the link is to confirm that they have sent it. Usually these links are ‘sent’ without the sender’s knowledge. This includes all links that appear in your Facebook Chat, Messages, friend’s status post, or even from your email.

You’ll also want to update your browser to its latest version to ensure your browser’s security is up to date. Browsers are updated to detect and alert with a warning when you are navigating to a suspected phishing site.


Most of us falsely assume that our accounts are going to be fine. After all, what would a big bad hacker benefit from my little social media account?

Hackers will use your account to manipulate others, and they don’t care who they hurt along the way. At the very least, they are going to inconvenience you and probably make you look bad. They’ll also make it extremely difficult, if not impossible, to retrieve your account after it’s been hacked. Years of photos, posts, memories, data, and potential ads could be lost forever. Not to mention access to your personal data and payment methods.

Be proactive and use the above security tips to protect your accounts. Let us know if you need assistance. As always, we’re here to help!