How To Secure Your Social Media & Online Presence

With the recent hacking of the Associated Press’ Twitter account, which led to a flash crash in US markets, the security of social media accounts is again in the spotlight.

There have been numerous hacks of these sites and the people who use them in recent years.

Celebrities had their Twitter accounts hacked in 2009 and LinkedIn passwords for 6.5 million people were hacked in 2012.

While hacking social media accounts can be quite easy there are few simple things you can do to make it nearly impossible for the bad guys to break into your accounts.

Enable security features

All social media, web mail and online (cloud) storage sites provide a reasonable level of security.  The problem is these security settings might not all be enabled by default.

In order to make these websites easy to use by the entire population on the Internet, companies try to provide a simple user experience.

Strong security however usually translates to a less user friendly experience, so companies don’t always enable all the security features for you.

Related: How To Deal With Technology Outsourcing

These security features include: encryption, two factor authentication, password recovery and security questions.

Encryption prevents your information from being intercepted by bad guys as it travels from your PC out over the Internet.

Two factor authentication uses a second device, usually a mobile phone, to add another layer of protection.  In order to login to a site that uses this technology, a user needs to enter an additional PIN that gets sent to their phone via SMS.  This is usually only done once per computer.

If a hacker gets a hold of your password, they won’t be able to login because they will not have this second PIN code.

Password recovery options and security questions help to strengthen your security by requiring additional information in order to reset a password or manage your account.  The bad guys can use password reset functionality to take control of your account, these options help prevent that.

Social media sites also provide privacy controls to limit how much information you expose to the general public.

Related: Why Electronic Banking Is Safe

Let’s take a look at the different options that are available on some of the big sites.


LinkedIn has the least number of security options available however it does have an option to enable encryption.

To enable this click on your name and then go to Settings -> Account -> Manage Security Settings and enable “When possible, use a secure connection (https) to browse LinkedIn”

Privacy options are available under Settings -> Account -> Profile -> Privacy Controls


One of the better sites from a security perspective, Facebook offers several security features.  To find these, click on the Cog (options) -> Account Settings -> Security.

Related: Is Social Media The Next Bubble?

Facebook provides encryption (secure browsing) and two factor authentication (login notifications & approvals).

Privacy options are available under Cog -> Account Settings -> Privacy


Big G provides some of the best security options for their services.  If every web company invested this much in security the number of successful hacks would decrease significantly.

To view security options, click on your Google profile picture and go to Accounts -> Security.  From here you can set up two factor authentication (2-step verification), password recovery options and security questions.

Google enables encryption by default.

Privacy controls are found here Account profile -> Account -> Profile and Privacy


Twitter is improving their security controls after the recent flash crash which occurred due to a fake Tweet posted by hackers on the Associated Press’ Twitter account.

Security options are available by going to Cog -> Settings -> Account.

Twitter has encryption enabled by default and also supports security questions (require personal information to reset my password).  They are in the process of developing two factor authentication.


Similarly to Google, Microsoft enables encryption by default and also supports two factor authentication.  They also provide an optional feature to force you to reset your password every 72 days.

Related: Smart Watches – All Hype or Innovative Product?

These options are available under Account Name -> Security Info


It took me a long time to find this site, but security options for your Apple ID are available at

Apple provides encryption by default as well as password recovery options and security questions.  These are available under Password & Security.


For those that use this cloud storage site, DropBox provides encryption by default as well as two factor authentication.

To find these settings, go to your account -> Settings -> Security

Every company is different

As you can see every web company approaches security differently and provides different options.  The key is to understand what options are available and most importantly, to use them!

The trend in the last couple of years has been to roll out two factor authentication.  Since passwords can be very weak, adding in the second factor (usually a phone) can greatly enhance your personal security.

Related: What Will Our World Look Like In 2050?

It might seem like a pain but we need to realize that our digital security is extremely important.

What additional steps do you take to protect yourself online?

Andrew Martin is a Canadian personal finance and investing blogger who recently moved to London, England.  He has a background in technology and a passion for travel.  His blog, She Thinks I’m Cheap aims to help Canadians build wealth by sharing facts, stories and advice.

Print Friendly, PDF & Email


  1. KC @ genxfinance on May 3, 2013 at 4:36 am

    My mail sends me a text message when my account is accessed in another location or device. Just to be sure that no one’s trying anything.

  2. Bet Crooks on May 3, 2013 at 6:05 am

    I find the constant pressuring to add a mobile phone number for security very annoying. I don’t HAVE a mobile. And I have a huge number of elderly relatives who also don’t have one. They should try to come up with another route to higher security for those who can’t justify spending $$ every month to keep a phone in their pocket.

  3. LoonieLover on May 3, 2013 at 7:47 am

    I’m with Bet Crooks! I have a phone, but I bought it before the year 2000. It serves my purposes just fine – to use in an emergency – but I don’t carry it around with me unless I’m going out on the highway. There should be another place for two-factor authentication. Why not another email address? People could set up a new address just for this purpose. Am I missing something?

    Andrew’s point is well taken. Be safe! Here is a cautionary tale from Mat Honan, a reporter for Wired.

  4. Shafi on May 4, 2013 at 9:19 am

    I find it bothersome when, like Bet Crooks, companies want my mobile phone number. What do they want it for? Isn’t my home phone number enough?

  5. Tom Gorski on May 5, 2013 at 1:18 pm

    Highly informative post.. learning about the relatively weaker security features of LinkedIn can be a concern for many as it is one of the hugest professional sites out there

Leave a Comment

Join More Than 10,000 Subscribers!

Sign up now and get our free e-Book- Financial Management by the Decade - plus new financial tips and money stories delivered to your inbox every week.