Is changing your password enough on Social Media?
|
|
OP
Joined: Dec 2009
|
New variant, from last thread: I'm going to have people handing social media for me: facebook, linkedin etc. If I change my password, am I safe? Is this the employee who last had the email and user name out of my life? Or can't they just later request a new password as I did?
|
|
Re: Is changing your password enough on Social Media?
|
Joined: Aug 2009
Likes: 1
|
Joined: Aug 2009
Likes: 1 |
A person who has your password can potentially hijack your account with little you can do about it. You can change the password, but when they had it, it would be possible for them to change the email on the account to an address they control, so they could just change it back.
Now, if you change your password AND you verify the email address on the account is an email address you control, then you're pretty safe, providing they haven't added another way to change the password. (Some social media sites allow you to set a new password by sending a text message to a phone number on the account or by adding security questions to the account.)
So in short: Changing the password is not enough. You need to examine the account very closely, to make sure that the email addresses associated with the account belong to you, and if the account allows password reset by SMS or security questions you need to make sure that those belong to you as well.
|
|
Re: Is changing your password enough on Social Media?
|
|
OP
Joined: Dec 2009
|
TACIT, thanks, let me clearify. I own the email account. So I forgot about that!
Listen, the intern or person I hire, is not generally going to sabotage me (if at all ever), until probably day, or a week or two after they leave. But the minute they leave or are replaced, then I'll change the password, and I should then be ok, because after that point, only I have the mail account to receive the new password? ... (correct?)
|
|
Re: Is changing your password enough on Social Media?
|
Joined: Aug 2009
Likes: 15
|
Joined: Aug 2009
Likes: 15 |
> Listen, the intern or person I hire, is not generally going to sabotage me (if at all ever), until probably day, or a week or two after they leave.
That's merely an assumption from which you've got nothing to gain and much to lose!
The new Great Equalizer is the SEND button.
In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
|
|
Re: Is changing your password enough on Social Media?
|
Joined: Aug 2009
Likes: 8
|
Joined: Aug 2009
Likes: 8 |
Not every password change results in a new password being e-mailed to you. Sometimes you get a confirmation that it was changed, sometimes you change it at the site in question and that's the end of it.
To add to the paranoia (?), your intern could change your password, and if the site is one that does not e-mail a new password to you, then s/he owns your account!
On a Mac since 1984. Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
|
|
Re: Is changing your password enough on Social Media?
|
|
OP
Joined: Dec 2009
|
Ira, wow, I think that's pretty rare, especially for major social media sites.
|
|
Re: Is changing your password enough on Social Media?
|
Joined: Aug 2009
Likes: 16
Moderator
|
Moderator
Joined: Aug 2009
Likes: 16 |
I don't know about Linkedin, but Facebook and Google+ allow you to set up a "page" or "group" such that you are the owner but other persons (accounts) can be defined as having privileges you specify. That way your intern/employee could maintain the page and when they leave you can simply turn off their access. They never need to know or use your password and you can turn off their access like a light switch. Even better, it allows you to have a public or business presence that is separate from your personal presence.
The trick/difficulty with Facebook is keeping track of their almost constantly evolving/changing privacy rules and settings. But if you have any regard whatsoever for your own privacy and security you should be staying on top of that anyway.
If we knew what it was we were doing, it wouldn't be called research, would it?
— Albert Einstein
|
|
Re: Is changing your password enough on Social Media?
|
|
OP
Joined: Dec 2009
|
thanks Joe, never heard of that, but will mention it to the SM people I hire. I'm not sure how one turns off their access, but I'll look into that!
|
|
Re: Is changing your password enough on Social Media?
|
Joined: Aug 2009
Likes: 15
|
Joined: Aug 2009
Likes: 15 |
I don't know from social media sites, but I recently changed my password at Chase Bank and did NOT get a confirmatory e-mail.
The new Great Equalizer is the SEND button.
In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
|
|
|
|