James Mayes

Posts Tagged ‘Security’

Blog: How to check for unauthorised access to Facebook?

In Facebook, Facebook tips, Social Media on September 6, 2011 at 6:24 am

So the ability to do this is not new – it’s something simple enough to do. Judging by recent conversations though, not many people are aware (or use) this functionality. Here’s a quick guide.

From your Facebook page, go to the top-right and bring up the Account menu – click Account Settings.  From the menu that subsequently appears on the left, select Security.

First up, click that top option, to Edit the setting for Secure Browsing. This forces Facebook to use a secure wireless connection whenever possible. Not all Facebook apps support this – but at least now if you’re in a coffee shop and it switches to non-secure, you’ll get warned.

 OK, so the how to check bit? First, click Edit next to Recognised Devices. This’ll show you which devices have been used to access your Facebook account. Something there you don’t recognise? Remove it and save changes. I’d also then suggest enabling Login Approvals (available in the box just above), so if an unregistered device tries to log in again, there’s an additional security step. You should also change your password.

The other menu to check out – click Edit on Active Sessions. It’ll show you the open sessions, or device connections. Again, something you don’t recognise? Close it, change your password.   Just one caveat – be conscious of the impact of mobile network centres. For example, if I’m travelling, I’ll sometimes use my phone as a hotspot to get my laptop online.  A Facebook login for that day (when I might be in Manchester) could show the actual location as being Newbury (where my mobile phone provider is physically based). Just one to watch out for!

Blog: How many apps can access your Facebook profile?

In Facebook, Facebook tips, Social Media on February 24, 2011 at 1:30 pm

I intended recently to remove a Facebook app from BranchOut – it’s a recruitment tool, but one that so far seems more interested in spamming profiles than delivering value.  I then thought I’d blog about the methods, only to discover Andy Headworth had beaten me to it.  Great minds and all that. I’m not annoyed 😉 I’ve got a slightly different method – but I also want you to consider the other apps you find in there…

I try to keep an eye on the apps I install or authorise – after all, they all represent a potential security risk.  Even so, I was surprised to find 65 non-Facebook applications can access my profile. All were things I’d authorised at various points, but even so – at least 30 of them hadn’t been activated in the last 6 months (yes, Facebook shows you that).

Facebook Account Menu

The list of apps that have access to my details, or can post on my behalf, is now much smaller.

Want to sort yours out? Here’s what to do. Click on the Privacy Settings option. You’ll get a view of how different things on your account are shared – and indeed, while you’re here – check you’re happy with those settings.  For checking on your installed apps, the button you want is to the bottom-left of your screen.


Once you’ve found this, click on Edit Settings. You’ll see a short summary of the most recent apps in use, plus some other privacy settings. Instant Personalisation is one I blogged about recently, thought it’s not yet live on my account. Next to the short list of recent apps, click the Edit Settings button – you’ll see the full list. Facebook shows you when they were last used, and gives you the option to edit settings for each one. Next to the edit option though, there’s a little blue cross – click on that, you’ll get the option to remove the app completely.

In less than 10 minutes, I went from 65 apps to 39. I have a few things to check, but a load more may soon disappear too.  How many did you have?  More than you thought, I’d wager. Let me know in the comments!



Blog: Facebook security update (this time it’s good news!)

In Facebook, Facebook tips, Social Media on February 5, 2011 at 7:02 am

There’s a good chance most haven’t noticed that Facebook uses HTTP, rather than the more secure HTTPS when logging on to your account.  There’s a significant difference in the security of one over the other, and Facebook have finally updated the security options to give you a choice (at least, they’re rolling it out now, so if yours isn’t live, check back tomorrow!)

Why would you want to do this? Simply, when you log in using HTTP, your user data is not encrypted.  If you use wireless networks in public places, you’re particularly at risk – as shown by this exercise in October 2010 when someone spent a half hour in a café and collected access details for over 20 Facebook accounts.

What do you need to know? HTTPS encrypts your details and makes it more difficult for them to be abused. It’s not perfect, as the update applies only to the website, not mobile applications on platforms like the iPhone – but it’s a step in the right direction. As with all encryption, it’ll have a small impact on speed – but so small most won’t notice it.

Facebook Account Settings Screenshot

To activate HTTPS, click the Account button on the top-right of your screen, then Account Settings.  You’ll then go to the bottom of the next menu and next to Account Security, click Change.

Facebook Account Security Screenshot

Put a tick in the box for HTTPS, remember to Save – you’re done.

%d bloggers like this: