How to stop a hacker at Facebook?

[SahilAr]

Heyy Everyone,
A hacker is constantly hacking my cousin's facebook account,he is sending random messages with severe abuses to known relatives/close friends and also he is posting on wall by hacking his Account,how to stop him?

 

[abhidev]

change the pwd and keep it disabled for sometime....also try setting a complex password

 

[SahilAr]

Tried everything,but still..he's screwing the account!
he has done password reset many times,changed it to a complex password,disabled account,but nothing helped

 

[ritvij]

change the pwd of your primary email linked with fb account.. thats how he must be getting your pwds..

 

[SahilAr]

done that too..
but still he is continuously changing the password of facebook account!

 

[dashing.sujay]

NEVER click on any unknown links, either external or internal (app or via chat). This is the best way to be safe. Plus follow these practices:

1) Logout the current "active sessions"

Spoiler

*i.imgur.com/DeXYt.png

2) Enable https: by default.

3) Enable login notification, it can save your a$$ from worse.

4) Change your primary mail id (just once for trial as the previous one is most probably hacked). Keep it gmail only as it offers better security.

5) Finally change all passwords.

6) Also, clear all cookies of your browser and don't click on "remember me".

Now, I don't see how can any hacker hack your account, of course nobody has got database of FB id-pass!

 

[coolpcguy]

Enable 2-factor authentication

*www.facebook.com/settings?tab=security&section=devices&view

 

[dashing.sujay]

Enable 2-factor authentication

*www.facebook.com/settings?tab=security&section=devices&view

I can't find step2 verification. The link is of "recognised devices". Is it same as gmail?

I don't recommend it personally as sometimes to network congestion, sms comes too late.

 

[coolpcguy]

I can't find step2 verification. The link is of "recognised devices". Is it same as gmail?

Somewhat - facebook will prevent you from logging in if the device is not recognized. So the first time you login in from another computer, you'll get a SMS that you must enter to proceed.

I don't recommend it personally as sometimes to network congestion, sms comes too late.

Account security > anything else.

 

[dashing.sujay]

AFAIK fb hasn't got any option to to block unrecognised devices. It just gives sms alert which I had already mentioned. Step2 verification is something else provided by gmail.

 

[Tenida]

Sms notification is good. I also activated the service both n gmail and facebook.

 

[Faun]

I remember my SIM got corrupted and couldn't login to gmail because it thought that the hardware changed somehow.

 

[dashing.sujay]

I remember my SIM got corrupted and couldn't login to gmail because it thought that the hardware changed somehow.

Gmail gives you some "master passwords" which will always work if you loose access to mobile no you have registered.

 

[RCuber]

ok change your secret questions and and date of birth ( remember the new one you set)..

 

[coolpcguy]

AFAIK fb hasn't got any option to to block unrecognised devices. It just gives sms alert which I had already mentioned. Step2 verification is something else provided by gmail.

False.

1. It's not just SMS alert. You get a verification code that must be entered to login. Ergo, 2-factor.
2. Unrecognised devices can't gain access to your account unless the verification code is entered.
3. You can revoke access to your facebook facebook from any device from the above link.

Gmail gives you some "master passwords" which will always work if you loose access to mobile no you have registered.

If you have access to a facebook from a computer, you can authorize access to other device from that account as well.

(and oh, the Gmail backup codes are 1-time use. You'll have to regenerate them once you've used them all)

 

[s18000rpm]

scan your PC with AV & Malwarbytes.
most prolly some key logger or something.

 

[dashing.sujay]

False.

1. It's not just SMS alert. You get a verification code that must be entered to login. Ergo, 2-factor.
2. Unrecognised devices can't gain access to your account unless the verification code is entered.
3. You can revoke access to your facebook facebook from any device from the above link.

1) Can you tell me how to do that in FB, I can't find an option.

2) Same as above.

3) That link was just listing of devices recognised and you can make them unrecognised if you require, not blocked. (given there is an option).

(and oh, the Gmail backup codes are 1-time use. You'll have to regenerate them once you've used them all)

Thanks, didn't knew it. Though I lost them

 

[Desmond]

One of my friends too faced a similar problem. However, her problem was that someone was able to view here private pics. She says that she is dead sure that no one knows her password. I suspect that it could be some javascript vulnerability. What can be done in this case?
Posted via Mobile Device

 

[dashing.sujay]

One of my friends too faced a similar problem. However, her problem was that someone was able to view here private pics. She says that she is dead sure that no one knows her password. I suspect that it could be some javascript vulnerability. What can be done in this case?

FB is php based, then how come java vulnerability can exist?

 

[Desmond]

I said Javascript, not Java. Don't tell me you don't know the difference.
Posted via Mobile Device