How to Protect Your Instagram Account from Being Hacked
In the wake of an apparent “hacking spree” on Instagram, a lot of people are wondering how to protect their Instagram accounts from being hacked.
Getting hacked is certainly a scary situation to be in — especially if you’re a business that relies on Instagram to make sales or generate leads!
So what can you do to protect your Instagram account?
In the following post, we outline 5 important strategies to keep your account secure and out of hackers’ hands (+ what to do if your Instagram account has been compromised!):
First Things First: What to Do if Your Instagram Account Was Hacked
Before we go over some security tips and ways that you can protect your Instagram account from being hacked, let’s take a look at what to do if you think your account has been hacked or taken over:
Option #1: Use Instagram’s New Account Recovery Process
First reported by Motherboard, on June 17th, an Instagram spokesperson announced that the platform was testing new security features that “will make it easier for you to sign in and reclaim your account if it has been hacked.”
But that’s not all! According to the spokesperson, Instagram is also reportedly testing features that could make it harder for hackers to steal Instagram accounts in the first place.
Here’s how it works:
If you can’t access your Instagram account because the password was changed by a hacker, you can tap the “My login info isn’t working” button, which will prompt you to enter the email address or phone number linked to your account or the ones used when you signed up to Instagram.
Instagram will then send a six-digit code to allow you to regain access to the account.
When you regain access to your account, Instagram will then take additional measures to “ensure a hacker cannot use codes sent to your email address [or] phone number to access your account from a different device,” the spokesperson added.
According to Motherboard, the new security process started rolling out on Monday — however, it’s still unclear how long it will be until most users get access.
We’ll be sure to keep you updated as more info comes out!
Option #2: Use Instagram’s Old Account Recovery System
If you don’t have access to the new feature yet, you can still use Instagram’s old process for recovering hacked accounts:
Step #1: Check Your Email Account for a Message From Instagram
If you received an email from Instagram letting you know that your email address was changed, you may be able to undo this by using the revert this change option in that message.
If additional information was also changed (like your password), and you’re unable to change back your email address, you should report the account to Instagram. Here’s how to do it:
On the login screen, tap Forgot password?
Tap Need more help? below Send Login Link, then follow the on-screen instructions.
Enter a secure email address that only you can access. Once you’ve submitted your request, be on the lookout for an email from Instagram with next steps.
#2: Verify Your Account
Once you submit your request, you should receive an auto-response email from the Security Team at Instagram asking you to help us verify your identity. You’ll be asked for one or both of the following:
- A photo of yourself holding a paper with a handwritten code we’ve provided you.
- The email address or phone number you signed up with and the type of device you used at the time of sign up (example: iPhone, Android, iPad, other).
Once you provide information to help us verify your identity, we’ll send you specific instructions to recover your account at the secure email address you provided.
#3: If You’re Still Able to Log Into Your Instagram Account
If you think your account has been hacked and you’re still able to log in, here are some things you can do to help keep your account secure:
- Change your password or send yourself a password reset email
- Revoke access to any suspicious third-party apps
- Turn on two-factor authentication for additional security
We’ll go over some of these and more below — in the meantime, here are 5 tips to protect your Instagram account from being hacked:
#1: Pick a Strong Password
The most obvious tip on our list also happens to be the most important.
One of the most common ways that hackers break into accounts is by guessing passwords or by using old passwords that were compromised in data breaches (we recommend using the free tool Have I Been Pwned? to check if any of your passwords have been stolen). So the importance of a strong, complex password can’t be overstated.
While Instagram recommends using a “combination of at least six numbers, letters, and punctuation marks,” most security experts suggest a minimum password length of 8 characters.
You should also consider updating your Instagram password regularly — at least once or twice a year according to most experts. You may even want to use a password manager to keep track of and manage your passwords.
#2: Turn on Two-Factor Authentication
Nearly all major applications now provide some form of two-factor authentication (or 2FA), and this includes Instagram.
With two-factor authentication turned on, whenever you log into Instagram from an unrecognized device, you’ll be prompted to enter an SMS security code, along with your username and password. This can help thwart any attempts by hackers to log into your account and change your contact information.
To turn two-factor authentication on, head to your Instagram profile and tap the settings button. Then scroll down and tap Two-Factor Authentication.
Tap the slider to the “on” position.
If your account doesn’t have a confirmed phone number, you’ll be asked to enter one. Once you’ve entered your phone number, tap the next button.
Now when you log into your Instagram account from an unknown device, you’ll be prompted to enter a security code that you receive by SMS.
UPDATE: In light of the hacks, Instagram recently announced a more robust two-factor authentication system that now lets you use third-party authenticator apps to log into your Instagram account.
To use a third-party app to log into your Instagram account, go to your profile, tap the menu icon, select “Settings” at the bottom and then choose “Two-Factor Authentication.”
Next, select “Authentication App” as your preferred form of authentication.
If you already have an authentication app installed, Instagram will automatically find the app and send a login code to it. You’ll need to retrieve the code and enter it on Instagram, and two-factor authentication will turn on automatically.
If you don’t have an authentication app, head to the App Store or Google Play Store to download one first and then proceed with setting up two-factor authentication.
#3: Make Sure Your Email Account is Secure
Your email is a bit like a gateway to your online accounts — if someone has access to it, they also have access to nearly everything else you’ve used your email for… So make sure it’s secure!
Most email providers have systems in place to block unwanted login attempts and offer security measures like email encryption and two-factor authentication. If you truly want to keep your Instagram account safe, you need to make sure your email account is equally as safe.
#4: Revoke Access to Suspicious Third-Party Apps
To manage your third-party apps, open your Instagram profile on your desktop computer, click the settings button, and then click on “Authorized Apps.”
Here you’ll find a list of apps that you’ve authorized to access your profile and account information. If you notice anything strange, you can easily click revoke third-party app access by clicking the Revoke Access button.
#5: Extra Security Tips
While the above tips should be enough to keep your account secure, here are a few more ways you can stay safe:
The first is to remember to log out of Instagram whenever you use a shared computer or phone. And if you log into Instagram from a public computer, make sure to not check the “Remember Me” box, as this will keep you logged in even after you close the browser.
The second is to never give your password to someone you don’t know or trust. This one’s fairly obvious, but one of the most common ways that hackers gain access to people’s accounts is through “phishing.”
How phishing attacks work is hackers will send you an email that contains a link to a fake Instagram login page. When you log in with your email and password, they get your credentials.
To prevent this from happening to you, make sure you have two-factor authentication turned on and always vet the legitimacy of the emails you receive.
The third tip is to be more wary of the accounts you follow on Instagram. And thanks to a new About This Account tool, you can do just that.
With About This Account, you can now see more information about accounts on Instagram that reach large audiences. That way, you can evaluate the authenticity of the account before following it.
To learn more about an account, go to their Profile, tap the “…” button and then select “About This Account.”
There, you will see the date the account joined Instagram, the country where the account is located, accounts with shared followers, any username changes in the last year and any ads the account is currently running.
With the number of Instagram accounts that were recently hacked reaching into the thousands, it’s super important that you take the right steps to secure your account and protect yourself against hackers. Let us know in the comments if you have any other strategies to keep your account safe!
Never miss an Instagram feature again! Join over 1 million Instagram marketers and subscribe to the Later newsletter to keep up with all the latest Instagram trends: