An open community 
of Macintosh users,
for Macintosh users.

FineTunedMac Dashboard widget now available! Download Here

Previous Thread
Next Thread
Print Thread
Is changing your password enough on Social Media?
#25375 03/13/13 05:28 PM
Joined: Dec 2009
kevs Offline OP
OP Offline

Joined: Dec 2009
New variant, from last thread:
I'm going to have people handing social media for me:
facebook, linkedin etc.
If I change my password, am I safe?
Is this the employee who last had the email and user name out of my life?
Or can't they just later request a new password as I did?

Re: Is changing your password enough on Social Media?
kevs #25376 03/13/13 08:01 PM
Joined: Aug 2009
Likes: 1
Offline

Joined: Aug 2009
Likes: 1
A person who has your password can potentially hijack your account with little you can do about it. You can change the password, but when they had it, it would be possible for them to change the email on the account to an address they control, so they could just change it back.

Now, if you change your password AND you verify the email address on the account is an email address you control, then you're pretty safe, providing they haven't added another way to change the password. (Some social media sites allow you to set a new password by sending a text message to a phone number on the account or by adding security questions to the account.)

So in short: Changing the password is not enough. You need to examine the account very closely, to make sure that the email addresses associated with the account belong to you, and if the account allows password reset by SMS or security questions you need to make sure that those belong to you as well.


Photo gallery, all about me, and more: www.xeromag.com/franklin.html
Re: Is changing your password enough on Social Media?
tacit #25378 03/13/13 09:08 PM
Joined: Dec 2009
kevs Offline OP
OP Offline

Joined: Dec 2009
TACIT,
thanks, let me clearify.
I own the email account.
So I forgot about that!

Listen, the intern or person I hire, is not generally going to sabotage me (if at all ever), until probably day, or a week or two after they leave. But the minute they leave or are replaced, then I'll change the password, and I should then be ok, because after that point, only I have the mail account to receive the new password? ... (correct?)

Re: Is changing your password enough on Social Media?
kevs #25379 03/13/13 09:26 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
> Listen, the intern or person I hire, is not generally going to sabotage me (if at all ever), until probably day, or a week or two after they leave.

That's merely an assumption from which you've got nothing to gain and much to lose!


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire
Re: Is changing your password enough on Social Media?
kevs #25384 03/14/13 08:05 PM
Joined: Aug 2009
Likes: 8
Offline

Joined: Aug 2009
Likes: 8
Not every password change results in a new password being e-mailed to you. Sometimes you get a confirmation that it was changed, sometimes you change it at the site in question and that's the end of it.

To add to the paranoia (?), your intern could change your password, and if the site is one that does not e-mail a new password to you, then s/he owns your account!


On a Mac since 1984.
Currently: 24" M1 iMac, M2 Pro Mac mini with 27" BenQ monitor, M2 Macbook Air, MacOS 14.x; iPhones, iPods (yes, still) and iPads.
Re: Is changing your password enough on Social Media?
Ira L #25385 03/14/13 08:24 PM
Joined: Dec 2009
kevs Offline OP
OP Offline

Joined: Dec 2009
Ira, wow, I think that's pretty rare, especially for major social media sites.

Re: Is changing your password enough on Social Media?
kevs #25386 03/14/13 08:46 PM
Joined: Aug 2009
Likes: 16
Moderator
Offline
Moderator

Joined: Aug 2009
Likes: 16
I don't know about Linkedin, but Facebook and Google+ allow you to set up a "page" or "group" such that you are the owner but other persons (accounts) can be defined as having privileges you specify. That way your intern/employee could maintain the page and when they leave you can simply turn off their access. They never need to know or use your password and you can turn off their access like a light switch. Even better, it allows you to have a public or business presence that is separate from your personal presence.

The trick/difficulty with Facebook is keeping track of their almost constantly evolving/changing privacy rules and settings. But if you have any regard whatsoever for your own privacy and security you should be staying on top of that anyway.


If we knew what it was we were doing, it wouldn't be called research, would it?

— Albert Einstein
Re: Is changing your password enough on Social Media?
joemikeb #25387 03/14/13 08:50 PM
Joined: Dec 2009
kevs Offline OP
OP Offline

Joined: Dec 2009
thanks Joe, never heard of that, but will mention it to the SM people I hire. I'm not sure how one turns off their access, but I'll look into that!

Re: Is changing your password enough on Social Media?
kevs #25388 03/14/13 09:00 PM
Joined: Aug 2009
Likes: 15
Online

Joined: Aug 2009
Likes: 15
I don't know from social media sites, but I recently changed my password at Chase Bank and did NOT get a confirmatory e-mail.


The new Great Equalizer is the SEND button.

In Memory of Harv: Those who can make you believe absurdities can make you commit atrocities. ~Voltaire

Moderated by  alternaut, dianne, MacManiac 

Link Copied to Clipboard
Powered by UBB.threads™ PHP Forum Software 7.7.4
(Release build 20200307)
Responsive Width:

PHP: 7.4.33 Page Time: 0.024s Queries: 32 (0.017s) Memory: 0.6086 MB (Peak: 0.6926 MB) Data Comp: Zlib Server Time: 2024-03-29 13:34:45 UTC
Valid HTML 5 and Valid CSS