
Security Settings in Facebook, Twitter, Instagram, WhatsApp & TikTok

You can implement proven security safeguards in order to minimise the risks of social media. The first essential basis for using social media securely is a secure end device. By entering your own additional security settings in the social media apps, you can network with your friends, family and colleagues in much greater confidence. Our overview provides information on what you can do and where you can find these settings:

Even whilst setting up your social network accounts, you can avoid known vulnerabilities. Following the suggestions below can significantly increase the security level of your computer.

Facebook

Activate two-factor authentication

Activate this under "Settings > Security and login > Use two-factor authentication".

You should use a separate e-mail address for logging into Facebook and similar applications.

The advantages:

  • Your main address does not receive the messages sent to you by the platforms and any of their advertising partners.
  • It also means your main e-mail address is protected if cyber criminals hijack your account.

Avoid logging in via Facebook ("single sign-on")

  • If you use your Facebook account to register with additional websites and this login data ends up in the hands of criminals, they can take over your accounts on these other websites.
  • Under "Settings > Apps and websites", check where you have registered via Facebook, and delete them if necessary.

Protect against fake contacts

  • Change your privacy settings under "How people can find and contact you" to "Friends".

Set hacker alerts

  • Under "Settings > Security and login > Advanced security settings > Receive warning notifications when logged in via unrecognised devices", you should activate all settings.
  • Once you do so, you will receive warnings from Facebook if a stranger tries to access your account.

Check device list

  • Check under "Settings > Security and login > Authorised logins" that all of the devices listed belong to you.
  • You can also have Facebook check whether your account has been compromised by going to www.facebook.com/hacked.

Timeline and tags

  • Under "Settings > Timeline and tags", you can select who can post on your timeline and who can tag you in photos. This means that people you do not know cannot link you to content you are not comfortable with.

Facial recognition under control

  • Check whether the facial recognition, which should be deactivated as standard under the General Data Protection Regulation (GDPR), is really switched off.
  • Under "Settings > Face recognition", check that this function is switched off.

Check account accesses

Check in "Settings > Your Facebook information > Access your information > Security and login information > Logins and logouts".

Deactivate/delete account

  • Under "Settings > Account ownership and settings > Deactivate and delete", you can deactivate or completely delete the account.

Twitter

Activate two-factor authentication

  • Under "Settings and data protection > Account > Security", you can select and activate a form of two-factor authentication.

Check the access authorisations of apps and devices

  • You should deny access to all external services that you do not regularly use. Under "Settings and data protection > Account > Apps and sessions", you can display all of the apps, authorisations and devices and delete them if necessary.

Check account access history

  • Under "Settings and data protection > Your Twitter data > Account history > Account access history" you can see the most recent accesses to your account.

Instagram

Two-factor authentication

Under "Settings > Privacy and security > Two-factor authentication", you can select a security method and set it up easily.

Check account activity

Under "Settings > Privacy and security > View data", you can see account activities, password changes or e-mail addresses, and delete them if necessary.

Check authorised apps

Under "Settings > Privacy and security > Apps and websites", you can check the services that have access to your account and delete them if necessary.

TikTok

Two-factor authentication

Under "Settings > Security > 2FA", you can set multi-factor authentication.

Check account access history

Under "Settings > Security > Security notifications > Recent login activities and other", you can see the most recent accesses to your account.

Check device list

Check under "Settings > Security > Your devices > Overview of logged-in devices" whether all of the devices listed there belong to you.

WhatsApp

Two-factor authentication

Under "Settings > Account > Two-Step Verification", you can select a security method and activate it easily.

Switch on security notifications

  • If the SIM card belonging to a known contact is stolen and inserted into another smartphone, the hacker can pretend to be that contact. A security notification tells you that the contact's security key has changed. If this is the case, you should check the contact.
  • Under "Settings > Account > Security > Show Security Notifications", switch these on.

Passwords and 2-factor authentication

Passwords should be as long as possible, i.e. they should be at least eight characters long and contain different types of characters. Tips and tricks on how to create and remember passwords using mnemonics can be found in the Passwords and Account Security section. Because these can be difficult to remember, applications known as password managers can be helpful here.

2-factor authentication (2FA) is a useful mechanism for applying additional security to an account. Here a distinction must be made between hardware- and software-based 2-factor authentication. Hardware-based systems include for example a bank's TAN generator or a USB key. As you can tell from the information above, often only software-based 2FA is available (SMS code or via a special app). For security reasons, the BSI recommends you use 2-factor authentication wherever possible.

Social engineering is a very widespread method of acquiring confidential or sensitive data. It does so by taking intentional advantage of human traits like helpfulness. Attacks often take place via telephone or by e-mail.

Helpful brochure on social networks

You can find a brochure in A6 format here (in German): social networks brochure embedded