'Log in attempt. Location: Vietnam'

If part of what you do involves having access to client social media accounts through your own social media accounts, then believe me - the level of security you put on your accounts is bonkers. 

We all know that we should set up 2 factor authentication, and have a nice long, random password, but the reality is that a lot of people tend to work on the assumption that there are around 3 billion users of Facebook and therefore their account is like a needle in a haystack. If we’re working on probability then it’s low that it’ll be your account that gets hacked. 

But what happens when it is you?

I’m speaking from a voice of experience this month - sort of at least. There’s nothing quite like the cold horror of getting a notification ping on your phone saying that someone has logged into your account from Vietnam, and then going to action that notification to find someone has already done it. Which is exactly what happened to me one Bank Holiday Sunday!

I would like to think that my security settings are pretty tight - they have to be, I’ve got client business accounts linked to my Facebook account. I use 2 factor authentication, I have a password manager to securely store passwords, and all of my own passwords are a complete jumble of letters, numbers and special characters. You couldn’t make a word out of my passwords if you tried!

It’s still baffling me weeks later as to how anyone managed to bypass my security settings - especially the 2 factor authentication (because I definitely didn’t get a message!), but somehow they did! And I wish I was kidding when I said I felt sick to my stomach when I checked the devices that my account was logged in from - most of them I recognised, but sadly I was most definitely sitting on a train from Bristol and not in Vietnam. 

So that brings me to the point of all this, which is - check your security settings! There may be nearly 3 billion users on Facebook, but is it a risk you want to take? These days we have so many things linked to our social media accounts - business pages, client pages, even precious memories and photos that we don’t want to lose. The last thing you want to do is take a risk on a weak password and potentially hand over years of work on your business social media accounts to a hacker. 

Make sure you have strong passwords, Google Chrome will generate a strong password for you at the click of a button (and store it for you as well if you want it to), as will Password Managers such as LastPass.

Don’t use the same password for multiple accounts and always make sure you have 2 factor authentication turned on (even though it largely seemed useless in this particular case - it’s still worth making sure it’s in place). 

And if, like me, you have client accounts linked to your own account, have a plan in place to make sure that you can sever that link quickly if need be! Luckily I’m not the only one of my team who has access to the client accounts so even if I have to unlink them because of something like this, someone can still monitor the accounts and make sure that everything is still happening as it should, and that nothing untoward is happening on client accounts. 

It’s also worth making a note to regularly check round your accounts and ensure that all your settings are still up to date - we all know how much social media companies seem to enjoy changing it all, and you never know what their changes have done to your account settings. 

I’m very glad that, despite my fears, there seems to have been no issues. And it just goes to show that even when you’re sure you’ve got everything locked down and all your security settings as tight as they can be - sometimes it still doesn’t work as it’s meant to!