Facebook Safety Rules (2FA, Facebook Containers and other settings)
Please add 2FA to your FB/Instagram accounts. It will prevent 80% of account hacks and lost accounts.
Most account locks/bans are the result of hacked accounts and/or paranoid FB policies that attempt to prevent these account hacks.
When you add 2FA, FB marks your account as "less risky" on the one hand, and on the other 2FA makes hacks significantly more difficult for hackers. For example, you can use a VPN and switch IP addresses without a temporary account lock. In the worst-case scenario, FB is going to force you to log in using 2FA.
When configuring 2FA, do at least three things:
- Primary 2FA method: configure TOTP using Google Authenticator or a similar application (I use Aegis because it allows backups of 2FA tokens)
- Secondary 2FA method: print/save 2FA backup codes in case you do not have access to the Authenticator app
- Back up the 2FA token or QR code (in case you need to restore the Authenticator app)
- Back up all your tokens from the TOTP app (that's why you should use Aegis; Google Authenticator allows backups to a Google Account, but not locally on the smartphone or on a PC)
Optional:
- configure the Authenticator app with the FB token on another device (in case you do not have access to your main smartphone)
- configure an additional 2FA method using SMS (I personally would not recommend this, but for many it will be an easy secondary 2FA method)
- configure an additional 2FA method using a YubiKey hardware token or similar device
After you implement these steps you will forget about account locks/bans that are the result of account security issues. Obviously, bans that result from real or imagined TOS violations cannot be prevented by these steps.
Another attack vector against an FB account is a stolen session/cookie attack (or a similar one).
To prevent this on PC... well, nothing is going to help if you have a keylogger/trojan/virus on PC. Don't blame Facebook/Meta for this.
You can significantly reduce the possibility of a stolen session/cookie attack if you use the Firefox "Facebook Container" (you run facebook.com and messenger.com in a sandboxed environment) or log in to Facebook/Messenger/Instagram from a separate browser that is used only for Facebook sites.
Additional measures:
- use offline password managers to store your passwords (I personally recommend KeePass). You will need to remember only one password and not hundreds. FB and other services do not like frequent password reminders
- make your FB friends list private. Nobody except you should have access to this list.
Go to https://www.facebook.com/settings/?tab=how_people_find_and_contact_you and change the corresponding setting
- exclude your FB profile from search engines. Go to the above link https://www.facebook.com/settings/?tab=how_people_find_and_contact_you and turn it off
- at the same link, turn "Who can Facebook suggest your profile to based on your phone number or email address?" off
- change your default audience to friends here https://www.facebook.com/settings/bundled/
Select "Custom", click "Next", and on the next page set the following:
Who can see your future posts/stories/reels: Friends
Who can comment your public posts: Friends
Who can see your public profile info: Friends
Last one: do not link your Facebook and Instagram accounts. Keep them separate, with different email addresses and, if possible, with different phone numbers. I am not sure that it is possible to "unlink" these accounts (I never linked them), but if yes, then split them. If one of these accounts is hacked, it will not cause the lock/suspension/hack of another account.
See also
https://www.reddit.com/r/facebook/comments/1ef04ix/please_add_2fa_to_your_fbinstagram_accounts_it