How to Secure Your Instagram Account
By George Kamau
In recent years, Instagram has become a popular platform for sharing photos and videos with friends and family plus also being a platform to share your creative work as you build a personal brand, especially to Influencers thanks to its tone of features such as Instagram Stories which have hooked its respectively.
Here are a few steps that will increase the security of your Instagram account and keep hackers away.
Use a Strong Password
It’s time to stop using dumb passwords.
You can create a strong password that has a minimum of 12 characters, includes numbers, symbols, capital letters, lower-case letters, isn’t a dictionary word or combination of dictionary words plus doesn’t rely on obvious substitutions.
It’s has been made easier by password generators free on the internet such as strongpasswordgenerator.com and passwordgenerator.net. What I usually do is after they have generated one for me, I go ahead and modify it to make it easy to remember.
Password managers also create for you strong passwords. LastPass has a tool for that and you don’t have to create an account with them. Dashlane too, although you’ll have to create an account with them.
These tools will not only create a strong password for you, but they can also manage the passwords for you for different accounts so that you don’t have to use the same password for your other accounts.
Some browsers like Chrome also do handle password management too for not only current accounts but also new accounts. It even has password checker that is a service that examines a user’s saved passwords if they have been compromised in any way.
Another way is through the Passphrase/Diceware method. This method suggests choosing 6 or more random words and joining them together to create a passphrase which then becomes your password.
Use SMS Two-Factor Authentication
Instagram offers SMS 2FA where you add your number so that when you log in to Instagram account, a code is sent and you use it as a token to verify your account.
Simply head to your Instagram profile and tap the settings button. Then scroll down to Security and tap Two-Factor Authentication and enable this feature.
Save these changes when you’re done.
SMS based 2FA isn’t the safest though. Companies can use your phone number for ad targetting purposes such as Facebook and Twitter. Also, sim swaps can occur without your knowledge leaving you vulnerable.
Despite this, it is the easiest to set up and is more adaptable for most users.
Use Application-Based Two Factor Authentication
You can now ditch SMS-based 2FA for app-based 2FA and Instagram already supports third-party authentication apps such as Authy, Microsoft Authenticator, Google Authenticator and LastPass apps.
Authy even allows for multiple device support for those who frequently change devices via a cloud backup.
Authy’s desktop, Android and iOS apps let you search for tokens by name, display tokens as a list or grid view, greater device information so you can view and remove unused apps. You also get push authentication support for websites that have implemented it.
It’s best to install the Authy app on your phone and desktop or another device so that when the tokens are synched to the Authy Cloud, they automatically sync. This is so when an attempt to install another instance of Authy, you get notified via the other app as Authy checks the new device against an existing device they already trust.
Once this is done, go ahead and turn off the apps multi-device feature so that no additional apps are installed.
Most sites will suggest Google Authenticator app for 2FA but you can easily substitute that for Authy.
2FA apps are also vulnerable as most sites have a logic flaw vulnerability that let you log in without knowing the current password. It works for when you’re trying to change your password while being in the process of logging in in the 2FA login page. Google fixed this issue. Instagram and Microsoft are still vulnerable.
Simply head to your Instagram profile and tap the settings button. Then scroll down to Security and tap Two-Factor Authentication and enable this feature for the Authentication app option.
If you have the authentication apps listed above, Instagram will automatically find the app and send a login code to it. You’ll have to get the code and enter it. Once that is done, two-factor authentication will turn on automatically.
Consumers are becoming more aware of 2FA and moving beyond password-only logins as there’s been a 538% increase in users enabling 2FA from 2015 to 2017.
Review apps connected to your Instagram account
Make sure you review apps that use your Instagram account to log in to their platforms. If you longer use those apps or services, revoke their access.
Head to your Instagram profile, go to Security settings and tap on Apps and Websites or just click here. If you see anything shady or apps you’ve stopped using, easily click revoke third-party app access by clicking the Revoke Access button.
Instagram is also introducing an updated authorization screen that lists all the information the third party is requesting to access. You’ll have the option to “cancel” or “authorize” this access directly from the authorization screen.
Use Instagram’s New Account Recovery Process
This is for when you can’t access your Instagram account because the password was changed. Just tap the “My login info isn’t working” button that will prompt you to enter the email address or phone number linked to your account. Instagram will then send you a six-digit code to allow you to regain access to your account.
Avoid Phishing Emails
Instagram has a “Emails from Instagram” tab, which will allow anyone to check if an email claiming to be from Instagram is genuine to avoid phishing emails. It can be found here Settings > Security > Emails From Instagram. A security tab displays a list of the emails Instagram sent you within the past 14 days regarding your account security and the locations from which you’ve logged in. On the “Other” tab, Instagram will show you any remaining emails Instagram sent to you over the same period
Other Privacy features
- Make your account private so that you can only share your photos with a select group of people. Your photos will stay hidden from everyone else and thus only people you really care about will be aware of your activities.
On the app, head to your profile, scroll to settings then select “Privacy and Security” then “Account Privacy.” and enable that toggle.