Facebook Security is a non-existent concept. Still, there are some extra measures that make a normal Facebook account, or an admin's or developer's account, more secure. In our previous article we wrote about Blocking People in Facebook; this is one of the big loopholes, and you should read that article as well. A book could probably be written on the ways this blocking feature can be exploited.
Facebook Security: Is Facebook Not Officially Aware?
Facebook is well aware of the risks. They do have official special pages, developer guides, documentation, etc. But as a matter of fact, there is no official summary from Facebook, of the length of a 1000-word article, where these methods are written in an easy way, with their importance and with cross-references for the technical terminology.
Most importantly, Facebook's platform is necessarily somewhat different, as it was not targeted at business use from the beginning, either by the users or by Facebook itself; historically it was for the students of Harvard. The major practical problems of Facebook Security become clearer to webmasters, who need an account for promoting, connecting with a few friends, etc.
---
Another point is very important. Whatever level of programming knowledge you have, it is no reason to skip this article on Facebook Security: you might know Python, Ruby, PHP and ASP, and might have a few important Open Source scripts on GitHub, but you and I do live on Facebook. You and I usually go there, log in and check messages, invitations, etc. Yet, with little or practically no knowledge, the problems, the peculiarities and the weak points of Facebook Security can be best understood by a teenager, through nothing but experimentation and trial and error.
Facebook Security versus Google Plus and Twitter
Twitter is entirely for promotional purposes. My own Twitter account got hacked by allowing an App. But the risk is lower, for various technical reasons. The security of Google Plus is currently of a good standard, and the reason is quite obvious: it is the flaws of Facebook Security that made Google develop a solid platform. Furthermore, Google had and has a big pool of Open Source developers apart from Google Plus. It is a big factor that, if an account's security is breached, all the important accounts, including AdSense, AdWords and hundreds of others, will be compromised. This made Google code in a completely different way. Additionally, Google's 2-Step Verification made it stronger.
But we do need to use Facebook. Whether you like it or dislike it, Facebook Security is a matter that needs more thought than you usually give it.
Facebook Security: Tips and Guides to Make Your Facebook Account More Secure
Basically, some of these are opt-out on Google Plus, but for Facebook Security you need to set them up yourself.
Increasing Facebook Security with a strong password and account settings
You must use a strong, unique password and link the account to an email address that you do not use directly. On that email account, have all messages forwarded to your primary email account, to make sure you do not miss any email because of spam settings. Keep both email accounts fully secure by using completely different passwords, and make the password recovery process of the email accounts difficult, for example by requiring a phone number to verify a lost password. Go to the Security settings of your Facebook profile:
https://www.facebook.com/settings?tab=security
Set the options like this:

- Security Question: Unfortunately, there is no custom question. So select an odd question like “Grandfather’s Occupation” and use a completely fake answer. Otherwise, if the attempt is made by someone you know, he or she can easily learn the answer by simply asking you.
- Secure Browsing: Force HTTPS (HTTP over TLS) by ticking the option. Note that it cannot give your Facebook Security much leverage, but the risk of session hijacking is probably lessened to some extent. You can read about SSL and TLS here: SSL (Secure Sockets Layer) and TLS (Transport Layer Security).
- Login Notifications: Tick both the Email and the Text / Push options. Text will help you when you are not in front of a computer.
- Trusted Friends: Create another, secure Facebook account of your own using an alternative email address, phone number, etc. This is for keeping control of your account in an extreme situation.
- There is no need to do anything with the other two unless you are using a VPN or a leased line. Here is an article on VPN.
Now, to make Facebook Security more robust, go to Privacy Settings:
https://www.facebook.com/settings/?tab=privacy&ref=mb
This whole page is quite important and self-explanatory. The point worth mentioning is here:
Choose Your Privacy Settings > Manage Blocking
There is a flaw: you may not be able to block a person who has blocked you. You can add the Facebook ID using your own Facebook App (this is for developers).
I do not think the other points that people suggest can really add anything to Facebook Security. But you must protect yourself from Facebook Applications.
Increasing Facebook Security by implementing rules and dividing Friends into Groups
First, use a vanity name. A vanity name provides no security in itself, but a person with bad intentions needs to work harder to find the ID. Create Friend Lists if you do not have any. Restrict the posts. The location of this feature changes over time; right now it is at:
https://www.facebook.com/bookmarks/lists
As we said, Facebook Security is practically non-existent, simply because some of Facebook's security functions depend on other people's security settings too. The most dangerous Facebook Security flaw is to get invited and then intentionally blocked. So whenever you accept a new friendship, even one with all the proper data, always keep that person in the Restricted group. Unfortunately, there is a flaw if someone knows the ID of the “secure friend” list, which is not that impossible, as your “friend cum foe” can discover it from the plain source code of the page, and you are not aware of when you were blocked. So do not share passwords or important data using this method.
Trustworthy Facebook Security
Facebook’s server is not your server; you cannot control it. To restrict even a simple message further, you can use your own Facebook App, hosted on your own server, that allows access to a few people rather than the public. You can give the link to the intended users within a post that itself has limited access; then, if the person is whitelisted by you on the App, the person will be able to see it. To play a joke on those who are trying to breach your Facebook Security, you can redirect them wherever you want. Using a URL shortener like the one we wrote about before, you can restrict access at 3 levels.
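A sketch of the whitelisted app described above, added here as an example (it is not code from this article or from Facebook). It assumes the app receives Facebook's `signed_request` parameter, laid out as `base64url(signature).base64url(JSON payload)` and signed with HMAC-SHA256 under the app secret. The secret, user IDs, redirect URL and function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import json

APP_SECRET = b"constructed-app-secret"   # placeholder, never a real secret
ALLOWLIST = {"1000001", "1000002"}       # constructed Facebook user IDs
ELSEWHERE = "https://example.com/"       # redirect target for everyone else


def b64url_decode(part):
    return base64.urlsafe_b64decode(part + "=" * (-len(part) % 4))


def b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def make_signed_request(payload, secret=APP_SECRET):
    """Build a sample token in the signed_request layout (demo input only)."""
    body = b64url_encode(json.dumps(payload).encode())
    sig = hmac.new(secret, body.encode(), hashlib.sha256).digest()
    return b64url_encode(sig) + "." + body


def verified_user_id(signed_request, secret=APP_SECRET):
    """Return user_id only when the HMAC-SHA256 signature is valid."""
    try:
        sig_part, body = signed_request.split(".")
        sig = b64url_decode(sig_part)
        payload = json.loads(b64url_decode(body))
    except ValueError:  # wrong shape, bad base64 or bad JSON
        return None
    if not isinstance(payload, dict) or payload.get("algorithm") != "HMAC-SHA256":
        return None
    expected = hmac.new(secret, body.encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(sig, expected):  # constant-time comparison
        return None
    user_id = payload.get("user_id")
    return str(user_id) if user_id else None


def gate(signed_request, message="private note"):
    """Show the message to allowlisted users, redirect everyone else."""
    if verified_user_id(signed_request) in ALLOWLIST:
        return ("show", message)
    return ("redirect", ELSEWHERE)
```

The decision is made on the server from a verified identity, so knowing the link or reading the page source does not reveal the message.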
