Secure IT Foundation

Secure Settings#2 – Facebook

Posted on: October 8, 2009

Facebook is a great tool for communicating with friends, family and work colleagues. If you have a ‘happy’ view of the world, you will enter all your real information, funny pictures of yourself, choose a simple password like ‘brad’, then wonder why things go badly in your life for no apparent reason. Identity theft is a serious risk and a profitable crime for the bad guys, and you just gave them most of the information they need to steal your identity.

Here are the correct steps to take when creating a Facebook profile:

  • Don’t be yourself! People you know can be told your online identity to become friends online; people you don’t know or don’t want to know can be kept in the dark… your identity is on a ‘need to know’ basis only! If your identity is stolen or compromised then you can create a new profile; use real information and it cannot be changed so easily.
  • Create a secure password – over 12 characters long with letters, numbers and symbols like ‘!”£$%^&*(){}:@~<>?’. If that is too hard to remember, the next best thing is a long combination of words, commonly known as a sentence, e.g. “Mary had a little lamb and 1 ate it for lunch” or “My hi-fi came from the back of a lorry”. Count the number of letters / spaces and both examples are over 20 characters long and would be hard to guess. Note – our examples are for a guide only, please don’t use them yourself – don’t be that silly!
  • Activate the account from your newly created persona.
  • Don’t import all your friends immediately or let Facebook access your web email account; you choose your friends carefully!
  • Edit your basic profile first.
  • If you use your real date of birth, don’t display your birthday on your home page, as date of birth is one of the most used pieces of information in life for authentication and you should not give it away to the world for free.
  • Filling out every field is not compulsory, so either use false information or none at all.
  • Go into your account settings and set a security question – treat this as a password: choose any question, then enter a long password. If you really cannot remember a second password for the site, either use a password manager like LastPass or use your login password. This is bad security practice, but better than an easier-to-guess answer like your first kiss or mother’s maiden name. Don’t forget to change it at least once a year.
  • Privacy settings should be next. An odd title really, as it is about what information you want to let other people see not hide, so it should be called exhibitionism. Set all options to only friends if you want to maintain control of your life on Facebook.
  • Only give out real information in a post on a wall if you really want it to be there for the world to see for eternity.
  • Applications are really dangerous to your computer’s safety, so don’t go mad and add every app you find on Facebook to your profile, as some are written by bad guys to steal your information and bank details.
  • Remember that you are not anonymous online, as your computer’s IP address will be logged, and if you pay money to Facebook that will link real life with face space. Silly / offensive / drunken / stoned pictures will not make a prospective boss likely to give you a job!
  • Just don’t forget to have fun with it. Sensible use of new technology can be enjoyed with a little preparation before you begin. Dive into the deep end before you can swim and you cannot expect to live long and prosper.
  • If you are not sure what you are doing, create one fake identity with no real information for practice. Once you are used to Facebook, create a second account; after all, it is free!


