How To Protect Your Instagram Account from Hackers
By Tracy Dowdy
Back in August, there were widespread reports of Instagram users being logged out of their accounts without their knowledge or consent. That in itself was unusual but the bigger issue was that their username, password and profile image had changed, and the email address and Facebook account that was linked to the account had also been changed. No new photos were added and it appears no photos were being deleted, but Instagram’s security policies can make it very difficult for users to access their account if the email and phone number associated with the account are changed without their knowledge – in other words, if they’ve been hacked.
Perhaps most troubling is that even users with two-factor authentication were affected.
At the time, Instagram said it had a system in place to deal with this and similar issues, but many users complained it fell short. Instagram, like its parent company Facebook, relies on an automated account recovery process. Because users don’t get live support, the process can be frustrating and tedious.
Instagram appears to have listened and the company has announced that they’ve improved the two-factor authentication process. Previously, Instagram’s two-factor relied on SMS, a relatively insecure way to send authorization codes. Now, Instagram has implemented a system that uses an authentication app to secure your account.
Here’s how to do it.
Go to your Instagram Profile page and tap the menu button in the top-right corner. Select Settings, then scroll down to Privacy and Security. Select Two-Factor Authentication. If you’ve been using two-factor authentication, toggle off Text Message and toggle on Authentication App. If you have an authentication app already installed on your phone, Instagram will use that otherwise it will suggest one for you to download.
Going forward, since you’ve authorized through an app, hackers would need to be able to retrieve the security code sent to your phone instead of just knowing your username and password. Even better, if you forget your password or somehow your account is still compromised, Instagram will issue you five recovery codes when you authorize through the app, enabling you to get back into your account if you can’t access codes via SMS or your authentication app. If you’ve used them all or are concerned someone may have seen them, you can get new codes through these steps: Settings > Two-Factor Authentication > Recovery Codes > Get New Codes.
Tracey Dowdy is a freelance writer based just outside Washington DC. After years working for non-profits and charities, she now freelances, edits and researches on subjects ranging from family and education to history and trends in technology. Follow Tracey on Twitter.