This is an archived article and the information in the story may be outdated. Please check the time stamp on the story to see when it was updated last.
Most of us will spend a lot of holiday down time on social media. That means logging into Facebook, updating your status, liking friends photos, and more routine actions that we’re used to making. But, what if we told you that giving permissions to your favorite games like Candy Crush (the best way to beat boredom–especially over a holiday week) could actually be exposing your account to potential hacks? We spoke with the leading tech experts to discover what mistakes you’re making with Facebook that might get your account into big trouble:
Granting Permission
"People keep forgetting that whenever they use 'Connect with Facebook' (or Google, or Instagram, etc.) they are granting the apps, websites, and services they are logging into a access to their own private information," Omer Yarkowich, VP Products & Marketing of MyPrivacy
"While granting these permissions is not a matter of black or white--some people are perfectly fine with sharing some personal information in exchange for a personalized service or experience--the problem starts once we're done using those services," he explains.
"For example, ever played Candy Crush? If you granted the game permission to access your Facebook profile (because you had to know which level your bestie is on!) chances are that King, the company behind the super successful game, still has access to your personal information. Not only that, there's a good chance that your data is being actively extracted and read by at least some of those apps that you granted permission." Yikes!
In fact, this is how Cambridge Analytica harvested data from Facebook users in their infamous breach, he explains. "The scandal made Facebook improve its permissions management, but it's still not enough." TL;DR: your data is still not safe.
Omer suggest his own product, MyPrivacy for iOS, for running a social permissions clean-up. "Just connect the desired account (Facebook, Google, Instagram, and more) and see which apps and services have access to your personal data. Remove the ones you no longer want connected."
Password Too Weak
"When you use a simple password for Facebook, it makes it incredibly easy to crack your account using something called a brute force attack," James Song, Principal Investigator at Shadow Foundry, a blockchain research and innovation group in New York, tells us.
So, how can you pick a secure passwords? "What you want to do is create a mathematically difficult password that resists cracking," he advises. "Pick six random words and use that as your password. A six-word combination is so mathematically difficult to crack, only a nation-state would have the resources to break it."
READ MORE: Why You Should Delete The Facebook App From Your iPhone Right Now
Personal Information
"The easiest way to get hacked on Facebook is by leaving too much personal information about yourself (and by keeping your posts and comments open to the public)," Shuaib Shakoor of Nerd Rangers tells us. "Nefarious individuals will try to use your information to social engineer their way to guessing your password reset questions like “What’s the name of your favorite pet?”, “What is your mother’s maiden name?”, “What year did you graduate from high school?”.