Y'all Instagram was breached! A bug in Instagram’s API (Application Programming Interface) leaked the email addresses and phone numbers of some of Instagram’s high profile users. Your account is likely fine, unless you are a high profile user, but let's take a minute to talk about securing your Instagram account so you don't get hacked like Selena Gomez.
Step 1: Use a secure, unique password.
Passwords are incredibly important and you want to make sure that yours cannot be guessed and is not already leaked.
Random strings of characters or long phrases are the hardest to crack and the longer the better. I suggest keeping it over 15 characters long. Make sure it does not use information that can be found online. For example, if you post on Facebook that your dog is Snoopy, don’t use the password snoopy1234 or snoopyisthebest!. A password manager like LastPass is a great option for creating strong passwords and storing them for later.
- Password is greater than or equal to 15 characters long
- Unique (not being used for anything else)
- Do not use easy to find information
- Store in a safe place (like a password manager)
Step 2: Enable Two-Factor Authentication.
This means using two methods to verify your identity to get into your account: something you know (like your password) and something you have (like a cellphone). Instagram introduced this feature in March (yey).
When you enable this feature on your Instagram account, anytime you start to login, Instagram will text you a one-time use passcode that will be used at login (after entering your username and password). With this enabled, even if someone obtains your password, they are still not able to access the account without that token.
Here is a great step-by-step guide on how to enable two-factor authentication in your account.
But I’m a high profile user! How do I protect my account?
There is some good news, if your account was included in the leak, your password was not leaked. That doesn’t mean that you shouldn’t take some extra precautions to secure yourself.
Since your email address was leaked, setting up Two-factor Authentication on your email account will help keep it extra secure. You should also confirm that you are using unique, strong passwords on both your email and Instagram accounts.
Your cellphone number was also leaked. Let’s take a moment to make sure your cellphone account is secure too. Make sure you have a unique, strong password set up for online access to your cellphone account. If your provider offers Two-Factor Authentication, set that up too.
I also suggest calling your wireless provider and inquiring about setting up a passcode, which must be used when making any changes to your account. Why the passcode? Some hackers are able to use Social Engineering to gain access to a person’s cellphone account, which allows them to forward any text messages sent to that number to a number of their choosing and obtain any two-factor tokens that are sent to your phone number. The passcode offers another layer of protection to your account and makes it more difficult for hackers.
By following these steps above, you can rest easy knowing that your Instagram posts are more secure from hackers.