Facebook and Security

As Facebook’s social media footprint grows and it becomes more widely used in our society, it also becomes a bigger target for those wishing harm on others. There has been an increase in scamming messages, phishing attacks, click-jacking attempts, account hijacking, and even some malicious scripting code. The level of risk however, is dependent on the user.

In an attempt to keep its users safe from malicious attacks, Facebook has taken many steps to provide a safer environment for everyone. Besides making the switch to secure browsing with HTTPS, one of the main steps is the inclusion of advanced security options that let the user decide for themselves what type of security measures to enable.

Within the Security Options Menu on Facebook are various settings that can be changed by the user. These include the ability to enforce secure browser connections, notification message settings for when an unknown device logs in to your Facebook, multifactor login settings where Facebook sends an authenticated code in order to login from new devices, and even a list of all the current active sessions of your account open at that time.

Facebook has its own documentation on how to use these settings for the highest level of security, as well as other tips like how to enable one time passwords for every Facebook session you wish to begin, how to determine and avoid suspicious content, and even how to recover your profile after it has been hijacked. To find out more download Facebook’sGuide to Facebook Security or check out the Facebook Security page.


  • Don’t follow links that you don’t trust or know of.
  • A Facebook session is only authenticated once. Once logged in, neither Facebook nor any of the apps will ask you to log in again or input your username and password.
  •  Keep your browsers and devices up-to-date to minimize risk.
  • Never share your password with others or reuse them on other web sites.


Training & Documentation

There are some common myths surrounding smart phones, tablets, and other devices that can connect to the web.

Cookies remember an individual based on a generated identification string that is user-specific. This string is stored in the browser and then used by other sites as a source of information for identity and other similar purposes.

How-to news article describing email phishing and how to effectively report it to ITS.

October is National Cyber Security Awareness Month.

Tips to protect yourself from online scams.

Third-party plugins and extensions are programs or add-ons that are developed by someone other than the browser or computer’s manufacturer, but are designed to work within the selected software.