How to Protect Your Social Media Accounts from Spammers

By Hootsuite | 2 years ago | No Comments

We’re seeing an increase in attempts by spammers to gain unauthorized access to social media accounts by exploiting password weaknesses. HootSuite itself has not been compromised, however, unauthorized users are attempting to login to HootSuite using user IDs and passwords acquired from other websites or networks, with minimal success.

How HootSuite is helping to protect you:

At HootSuite, your security is our top priority. We’re deploying numerous security measures behind the scenes to protect you:

1) Social Verification: We will require you to verify yourself using Twitter or Facebook login credentials associated with your HootSuite account (you’ll need to know the passwords for these networks). If you’re a team member without access to social network credentials, then we will verify you via the email address associated with the HootSuite account.

What you'll see when you try to log into HootSuite.
What you’ll see when you try to log into HootSuite.

2) Location Verification: We’ll record your location. If you login from another location, we’ll want to make sure you’re the authorized user, and not an external threat, and ask you to verify yourself again. This is an extra step to gain access, but a necessary one to protect you and your accounts.

What you need to do:

Create a secure password according to our best practices.

We recommend:

  • Avoid using the same password for any other login

  • Using both upper and lowercase lettering

  • Including a number and/or character

  • Choosing a combination of letters and characters longer than 8 characters

  • Avoid sharing this password with anyone

Start with our help desk article that addresses this specific situation

Where to get help:

Have a look at our best practices article on password security:

Read up on our CEO’s Security recommendations:

Larger companies should consider a social media audit through our Security Services team. Visit our Security Services page to learn more.

Follow @HootSuite_help for updates.

If you’re an Enterprise client, contact your Account Manager who can provide you with more details.

Written by

EmilyAttewell 5pts

I tried to sign in to our account and was asked to verify the account. I tried to do this via twitter and was taken to a page on their website that says 

"Whoa there!

There is no request token for this page. That's the special key we need from applications asking to use your Twitter account. Please go back to the site or application that sent you here and try again; it was probably just a mistake."

I then tried the Facebook link which also took me to an invalid page, finally I tried to verify the account using our email address and that link that was sent to me was also invalid.

Do you have any idea when this problem will be rectified? 

SocialAssistant 5pts

Just a simple question, why don't you guys add 2-step verification process just like Google implemented in the past to secure their users?