How to secure your instagram account


Keeping Instagram Safe and Secure

July 13, 2021

Today, we’re launching Security Checkup, a new feature to help people keep their Instagram accounts secure. Security Checkup will guide people, whose accounts may have been hacked, through the steps needed to secure them. This includes checking login activity, reviewing profile information, confirming the accounts that share login information and updating account recovery contact information such as phone number or email.

Security Checkup is another way that we are working to keep Instagram accounts as secure as we can. But there are several other steps that we recommend everyone also take to make their account even more secure:

  • Enable two-factor authentication – We strongly recommend enabling two-factor authentication. If you’re using WhatsApp, in the coming weeks you will be able to protect your account using your WhatsApp number in certain countries. Alternatively, you can enable two-factor using your phone number, or an authenticator app like Duo Mobile or Google Authentication. For more info visit our Help Center here.

  • Update your phone number and email – Make sure that the email and phone numbers associated with your device are up to date. That way if something happens to your account, we can reach you. These steps let you recover your account even if your info has been changed by a hacker. For more info visit our Help Center here.

  • Instagram will never send you a DM – Over the past few months, we’ve seen a rise in malicious accounts DMing people to try and access sensitive information like account passwords. They may tell you that your account is at risk of being banned, that you are violating our policies around intellectual property, or that your photos are being shared elsewhere. These messages are often scams and violate our policies. Instagram will never send you a DM. When we discover these kinds of scams, we take action against them. But we also encourage you to report the content and block the account. We’ve sent notices at the top of people’s Inbox to warn them about these messages over the past 2 months. If Instagram ever wants to reach you about your account, we will do so via the ‘Emails from Instagram’ tab in your settings, which is the only place you will find direct and authentic communication from us on the app. For more info visit our Help Center here.

  • Report content and accounts you find questionable – While we are always improving our technology to combat new trends and techniques that hackers and spammy accounts may use, you can also report individual pieces of content to us by tapping the three dots above a post, holding on a message, or by visiting an account and reporting directly from the profile. For more info visit our Help Center here.

  • Enable Login Request – When you set up two-factor authentication on Instagram you’ll receive an alert whenever someone tries to log in to your account from a device or web browser we don't recognize. These alerts will tell you which device tried logging in and where it's located. You can approve or deny the request immediately from your already logged in devices. You can also view the list of devices that have recently logged into your Instagram account at any time under “Settings,” “Security,” “Login Activity.” If you don’t recognize a recent login, you can log out of that location or device and let us know that the login wasn’t you. For more info visit our Help Center here.

Accounts that impersonate others, use their verification status to hack and target people, or generally conduct spammy behavior with the hopes of misleading people on Instagram break our rules. We are constantly improving our technology to find and stop this behaviour.

We’ve also made significant updates to our Support Inbox, so you can find out the latest information about what’s happening with your reports, or find out if any of your posts are violating our policies. This includes being able to easily see the status of everything you’ve ever reported on Instagram, see what posts of yours may have broken our rules, and how to appeal those decisions. From there you can find much more information on the status of what you’ve reported to us.

We’re continuing to provide more features and tools to improve security on Instagram, please visit help.instagram.com for more resources.

RELATED ARTICLES

Check out more announcements about Instagram

How to Stay Safe and Secure on Instagram

Instagram provides a seamless way to share filtered snapshots of life's highlights, but like anything on the internet, it has attracted its share of bad actors. Online harassers, hackers, and scammers run rampant, but don't let that scare you away from the Facebook-owned social network.

The social app has introduced a number of features intended to secure your account. There are settings you can manage to control your account's privacy and ensure no one breaks into your account. Here's how to make your Instagram account safer.

Advertisement

Enable Two-Factor Authentication

If you're worried about someone hacking your account and posting on Instagram without your authorization, setting up two-factor authentication (2FA) is a must. By requiring a second form of authentication after you enter your password, a hacker can't access your account without physical access to your connected device, even if they have your password.

To set it up, navigate to your profile and tap the hamburger icon (). Select the Settings menu (top of the pop-up on iOS, bottom-right on Android) and tap Security > Two-Factor Authentication > Get Started. You can then choose to set up 2FA through text message or an independent authentication app, such as Google Authenticator.

If your phone is having connectivity issues and can't receive an SMS security code, that's where recovery codes come in. Go to Settings > Security > Two-Factor Authentication > Recovery Codes, and use the displayed code to log in.

Don't Get Phished

To help users differentiate between fake emails and official Instagram correspondence, Instagram is rolling out an "Emails from Instagram" tab, which "will allow anyone to check if an email claiming to be from Instagram is genuine," the company says.

The feature can be found via Settings > Security > Emails From Instagram. A "Security" tab will display a list of the emails Instagram sent you within the past 14 days regarding your account security and the locations from which you've logged in. A second tab, dubbed "other," will show you any remaining emails Instagram sent to you over the same period.

Check Login Activity

You can watch out for hackers by going to Settings > Login Activity on the desktop. This page will show you a list of locations where you have logged in with your account. You can verify your current location and look through previous activity. If there are locations you don't recognize, it's a good idea to log out from those devices and change your password.

Make Your Account Private

When you post to Instagram, anyone on the platform can see your pictures and videos by default. If you only wish to interact with people you actually know, set your account to private via Settings > Privacy > Account Privacy and toggle Private Account to on.

When your account is private, you'll have to approve new followers before they can see your photos or videos. Only approved followers will be able to find your posts through search, see which posts you've liked, and send you direct messages. With a private account, Google also won't index any of your photos to Google Images.

Block, Restrict, or Report Accounts

If someone is harassing you or posting inappropriate content, report them to Instagram. You can do this on the account's profile page, or directly through an individual post, comment, direct message, or story. Just tap the three-dot icon () on the top right of an Instagram post or bottom right of a story. To report a specific comment, long-press on it (Android) or swipe left (iOS) and tap the exclamation point icon.

You can fill out a form report(Opens in a new window) on Instagram's website as well. If Instagram finds that the account, comment, or video breaches its terms of service, the account in question will be suspended. By reporting an account, Instagram automatically blocks the user for you. However, you can also manually block the account by opening the three-dot menu on the account in question and selecting Block.

Instagram has also taken more targeted action to stop bullying on the platform. A new feature called Restrict(Opens in a new window) hides a particular user's comments and notifications if you want to stop seeing their posts and comments without unfollowing or reporting them.

To enable the feature, go to Settings > Privacy > Restricted Accounts and add accounts manually; or go to the user's profile, tap the three-dot icon on the top right and select Restrict. On iOS, you can also swipe left on a comment to restrict. Once Restrict is enabled, comments on your posts from restricted users will only be visible to that person. You can view the comment by tapping "See Comment," then choose to approve it, delete it, or ignore it. You won't receive any notifications for comments from a restricted account.

Mute Accounts

If you think restricting an account is overkill, you can mute a user. You will remain friends with them but stop seeing their updates in your feed. Instagram will not notify users that you've muted them.

Mute an account from your feed by tapping the three-dot menu () next to the name and choosing Mute. Or go to an account's profile, tap Following, and select Mute from the pop-up menu. You'll have the option to mute an account's posts, their stories, or both. To quickly mute just their stories, long-press the story icon at the top of your feed and select Mute from the menu. In Direct Messages, tap the information icon () on the top right, where you can opt to mute messages and/or video chats.

Go to Settings > Privacy > Muted Accounts to manage your mute list.

Remove Followers

If blocking, muting, or restricting a follower all fail, use the nuclear option: remove them. Go to your profile, tap Followers, and find who you want to remove. Tap the three-dot menu next to their name and tap Remove. This is a helpful feature for when you want to turn your account private and need to remove some followers.

Inspect Accounts

Wondering if an account is legit? Instagram now gives you the tools to help identify real accounts and scammers. Just navigate to their profile, tap the three-dot menu, and select About this Account.

Instagram will show you when the user joined the platform, what country the account is located in, any ads they are running, a history of username changes, and accounts with shared followers. If something seems amiss, you can block and/or report the account.

Manage Tagged Photos

Anyone can tag you in a photo, and these photos are viewable by tapping the photo icon on your profile. But you can remove yourself from these posts or adjust your settings to approve tagged images before they appear on your profile.

Go to Settings > Privacy > Tags and turn off the switch next to Add Automatically. To remove individual items, find an image, tap the three-dot menu, then tap Hide Options (Android) or Photo Options (iOS). Here, you can opt to remove a tag or hide that photo from your profile. You can also tap the tag in the image itself to remove it or hide the photo from your profile.

To manage multiple photos at once, go to Settings > Privacy > Tags > Hide Photos and Videos and select all the images you'd like to be removed from at once. Tap the eyeball icon (Android) or Hide (iOS) to remove them from your profile.

Secure Payment Options

Facebook is making a big push for e-commerce on Instagram, but before you click and buy that targeted item showing up in your ads, add a passcode to your credit card. Go to Settings > Payments > Security Pin and turn it on, which will add an extra layer of security in case you misplace your device.

Revoke Access to Third-Party Apps

Many third-party apps connect to Instagram to provide additional functionality across the web, but it's easy to lose track of how many apps you've connected to your account. Keep tabs on these connections via Settings > Security > Apps and Websites, where you can view active and expired authorized apps, then remove or grant access to the services you want. From the web, click the gear icon to access the settings menu and click Authorized Apps.

Top Instagram Tips for the Photo Obsessed

For more, these Instagram tips will have you snapping photos and video editing like a pro in no time.

Like What You're Reading?

Sign up for Tips & Tricks newsletter for expert advice to get the most out of your technology.

This newsletter may contain advertising, deals, or affiliate links. Subscribing to a newsletter indicates your consent to our Terms of Use and Privacy Policy. You may unsubscribe from the newsletters at any time.

Thanks for signing up!

Your subscription has been confirmed. Keep an eye on your inbox!

Sign up for other newsletters

How to protect your Instagram account from hacking

Hello everyone. I am the marketing manager for Picalytics Instagram analytics and I decided to write an article for marketers and business owners, because in my work I encounter banal non-compliance with safety precautions several times a week.

Let's say you spent time and money promoting your account, rebuilt your direct sales process, and got loyal customers. In the morning, you open Instagram to launch a promotion and... you can't log in to your account. In this article, you will learn about the “prevention” of hacking and what to do if your account is stolen.

As usual, your account is hijacked

You can register on Instagram through mail, Facebook or by phone number. With access to your smartphone (and therefore Facebook, mail), it is easy to access all the services associated with them. Therefore, they steal accounts through these "entry points".

First of all, check the relevance and security of the services linked to your account. Then make sure that you have not specified the mail associated with the account in the contact methods.

And one more thing: you don't store accesses in Google Docs or notes on your smartphone, do you?

In addition to mail and phone theft, the most common hacking option is phishing (gaining access) to the account directly:

1. Cloned phishing

This is the usual copying of mail and official letters from Instagram. In this case, the attacker sends a letter that looks as close as possible to a letter from Instagram - both in interface design and in the sender's address.

The screenshots below show examples of emails from Instagram.

The role address can be different - you need to pay attention to the domain name (the part after @).

This is how a letter from scammers looks like.

Cloned phishing is designed for inattentive people and novice account administrators. Therefore, look both ways when you follow unknown links.

Business stories and useful tips

2. Access through third-party applications and services

As a rule, these are photo editors, promotion automation, auto-posting, direct web versions and so on.

Phishing apps are not verified by Google Play and AppStore. Such services, when registering, request access to an account or imitate authorization through Instagram.

Do not be afraid of authorization in third-party services: some options are not possible without access to the account.

Remember: authorization through Instagram takes place in a new tab on the official website of Instagram.

To check the list of applications that have access to your account, go to the application settings and click "Access Management". You have logged in to these applications through Instagram and can revoke access to your account from them.

If you have lost your smartphone or tablet with access to your account, change your password from Instagram and the service linked to it (mail or Facebook) as soon as possible.

In most cases, small Instagram accounts are hacked to be sold to third parties. On average, such "dead souls" cost $0.3-0.5.

In our experience with Instagram tech support, there is no relationship between account size (or ad budget) and response speed.

For example, after a major advertising campaign, we saw a duplicate account using our trademark (and this is a serious violation) and wrote to technical support. There has been no response from Instagram for three weeks. But there are exceptions to the rule.

How to get your account back after being hacked

Try to react quickly. If you still can log in to your account, change the password for the linked services (mail and / or Facebook). Then enable two-factor authentication.

If you can't log in to your account over , try resetting your password via mail, Facebook or phone number. Upon successful login, enable two-factor authentication.

If you do not receive notifications from Instagram when resetting your password and cannot log in via Facebook (if it was connected), then your account was linked to another mail, and also unlinked from Facebook and a phone number (if if they were connected).

In this case, we recommend that you send a request to Instagram support:

  • Click "Forgot Password".
  • Open the account login page in the Instagram mobile app;
  • Enter your nickname, email and phone number associated with your account.

Instagram can substitute the number of the SIM card currently in the phone in the phone number field - this is not always the number associated with the account.

By the way, we never received a magic link via SMS, despite the fact that the accounts were linked to a phone number.

If you did not receive a letter to your address or your nickname was changed, repeat the previous paragraph by entering both nickname and mail.

If you can't find your account using your old nickname anymore, look in your inbox for emails from Instagram. Didn't receive any information about the account change? Ask a friend to find out your current nickname through the history of correspondence in direct or from comments previously left on your behalf.

If you succeeded in logging in, change the password for your account and associated services (mail and/or Facebook). Then enable two-factor authentication.

What should I do if the login fails?

1. On the password recovery page, click "Need more help?" and enter all the requested information. Check the box next to "My account has been hacked". Send a request and wait for a response to the specified mail.

2. If you do not receive a response within a few days, repeat the request by checking the box next to "I forgot the mail associated with my account."

What to do with a nickname after being hacked

If you managed to regain access to your account, you can change your nickname to any free one. Including your old nickname, if it has been changed.

In some cases, the condition for restoring access to the account by Instagram may be a change of nickname. In this situation, we recommend using a nickname that is as close as possible to the previous one: for example, add a dot or underscore.

If your account has been deleted, you can create a new account with the same email address, but you may not be able to use your old username.

What not to do

  1. Offer scammers a reward or agree to buy the account back. Most likely, the account will not be returned or you will be asked to pay extra (and pay a little more).
  2. Show high activity immediately after the restoration of access to the account.

Conclusion

Hacking an account without the help of its owner is a difficult task. Don't let a moment of inattention deprive you of months of work on your account.

How to insure your account:

  1. Check the security and relevance of Instagram-related services.
  2. Change the password to a secure one. Use unique alphanumeric combinations with different case. Change your password regularly - at least once every 2-3 months.
  3. Enable two-factor authentication.
  4. Do not log in from public Wi-Fi and do not save the password in the browser.
  5. Do not indicate in the header of the account the mail or phone number by which the account was registered.
  6. In case of suspicion, immediately change the password for the account and all services associated with it.

Have you heard about account recovery stories with happy endings? Tell us about it in the comments: we will create a chat for support and exchange of experience.

The opinion of the authors of the guest post may not coincide with the position of the editors and specialists of the Netpeak agency.

Artem Borodatyuk about business and how it changes the world

Andrey Chumachenko about marketing, self-management and agency

Follow

Follow

Subscribe to the Telegram channels of Netpeak founders

How to protect your Instagram account from hacking: useful tips▶️ Planet VPN

May 22, 2021

Your social network account will always attract scammers and hackers who will try to hack access and steal your private data. The more popular the Internet becomes for every person, the more time we spend in the virtual world, the more danger it poses to us. Only reliable protection of your profiles can minimize the risks of attacks and hacks. Next, we will consider what to do if Instagram was hacked - what security measures are needed to protect the account and its reliability.

Instagram security - what settings are needed to protect

Many users use their Instagram account not only to communicate with friends. Quite often, this social network is used for commercial purposes: to promote a business, increase an audience of subscribers, or establish useful business contacts. Not surprisingly, most users strive to protect their account as much as possible. Fortunately, the social network provides a sufficient choice of privacy settings.

The last update to the app was to improve the security and privacy section. There are new settings that increase the reliability of user privacy.

You need to do the following:

  • go to your profile;
  • at the top of the screen, press the button of three stripes;
  • through Settings go to the Security menu.

The main aspect of security is to come up with a complex password

The key question for everyone is how to protect your account from hacking? The answer is obvious - come up with a complex and long password. It is simple and easy passwords that often open access to scammers and hackers.

Instagram strong password rules:

  • more than 8-10 characters;
  • the password must consist of uppercase and lowercase letters, as well as numbers;
  • never use dates of birth, other significant digital combinations;
  • if it is difficult to come up with a password yourself, use a special manager.

Setting up two-factor authentication for an Instagram profile

In order not to be afraid of the notification that Instagram has been hacked, take care of the two-factor authentication procedure, which increases the password strength and security for entering your personal profile.

You need to perform the following procedures:

  • go to your page;
  • go to Settings through the top menu of the three bars;
  • then select the section with privacy and security;
  • in the proposed security options, indicate two-factor identification;
  • set the verification method - through a special application or via SMS.

If you confirm the login to your account via SMS, a corresponding message with an access code will be sent to your phone. If through the application, then install Google Authenticator, which will generate a secret code to enter your social network account.

What to do if your Instagram account has been hacked

As an added security measure, you can link your email address to your Instagram profile and also set up two-factor verification. Thus, you will always know from which IP address and at what time the access was made, this is especially true if your Instagram account has been hacked. In this case, you will be able to change the password for entering the social network through your mail in order to restore access and prevent further unauthorized actions by the attacker.

Checking incoming emails on Instagram account

The developers of the application made sure that users could protect themselves from phishing attacks through their email. Thanks to the new settings, you can view all the letters that have been sent to you in the last 14 days. If it appears that you received it, but it is not on Instagram, this already indicates spam and fake mailings.

To view real message notifications, you need:

  • select Instagram emails;
  • in the Security or Other tab, find the letter of interest.

Applications connected to Instagram - privacy policy

When a situation occurs that an Instagram account has been hacked and mail has been changed, the user does not even think that one of the applications linked to the account could be the source of danger. Often they are needed for linking to extend the functionality of the social network, for example, add filters for Stories or marketing management tools. But a third-party application can also be hacked, therefore, then the attackers will also go to your Instagram account linked to it.

You can protect yourself from risks through the Security menu:

  • go to the section with applications and sites;
  • view all connected resources;
  • delete those that you consider potentially dangerous to yourself.

Privacy settings for your Instagram profile

In addition, you can secure not only the profile itself, but also its individual elements. For example, restrict access to photos, videos, and stories so that only your friends or certain people can see your content. This is convenient so that no one writes offensive comments, does not send spam, and does not share your stories or publications with other users.

For this setting, proceed as follows:

  • through the profile settings, go to the Privacy section;
  • Set appropriate limits on comments, stories, posts, etc.

Restriction of access to unauthorized persons

It's okay not to want to make your posts and photos public, close your profile via privacy:

  • in the privacy management, select the closed account option;
  • access to content will be allowed only to your subscribers;

  • You can set the ability to view your content only to a certain circle of subscribers, if you wish.

Access options for viewing Stories

In the application settings, you can manage stories to hide them from individual users or distribute the publication to close people. If necessary, you can enable a ban on the repost of your stories and publications.

Comment management

One of the disadvantages of social networks is that many users allow themselves to openly insult others, for example, send hurtful messages or write dirty comments. Don't let negativity spill out on your page, so use the appropriate settings:

  • Privacy - Comments;
  • set the appropriate prohibitions.

Direct Spam Control

To avoid receiving spam, annoying ads, or uninteresting messages from strangers in Direct, you can make sure that only a group of people who are your followers and who you also follow receive emails:

  • Privacy - Messages;
  • select the mode of the people you follow.

Hiding online status

In order not to be hacked into Instagram and change your email and name, another security measure can be to hide your status on the network. Your subscribers will not know when you are online, and you will secretly log into your account.

Actions are:

  • Privacy - Online status;
  • deactivate this option.

Restrict access to status to specific users

If you are tired of spammers and advertisers, managers who want to impose unnecessary services on you, just block them or restrict access to your account:

  • select an unwanted third-party user profile;
  • in the upper right corner, select the menu with three dots;
  • press the lock or restrict access button.

There is an alternative way - to set the mute mode so that you do not see stories and posts from this user in your feed:

  • Subscriptions;
  • Switch to silent mode;
  • Activate the option for stories or posts, or for both content types at the same time.

Push notification control

Instagram has notifications that are set by the program according to the standard, and users do not always like them. Annoying pop-up alerts? Then you can immediately disable them:

  • in the profile, enter the menu through three bars;
  • Settings - Notifications;
  • in the list disable the ones you don't need.

How to secure other social networks

In order not to guess how to restore Instagram if it was hacked, it is better to take care of its protection right away. And this applies to other social networks that you use. Carefully study the settings in each profile, set hidden status modes, limit the display of your content to unauthorized persons, come up with a strong access password so that your privacy is kept at a high level.

Conclusion

Ensuring security on Instagram is an essential aspect for every user who frequently uses this social network.


Learn more