3 Reasons Your Facebook Account might get hacked in 60 seconds

Last Updated on December 14, 2020

There are lots of reasons why one’s Facebook account might get hacked under 60 seconds. Mind you! It is not a hype.

A lot of Facebook accounts are compromised every single day but how to deal with them is a big challenge for most users.

It is a big challenge to many because their major concern over security is connecting with more persons on Facebook.

Why would someone be interested in manipulating over one’s Facebook account in the first place?

Facebook has become a crucial part of major businesses, networking, community and of course, friendly conversations.

So, people are being paid for hacking other people’s Facebook account which is commonly found in the cases of former partner.

How my Facebook Account might get hacked under 60 seconds?

We have written more guides on Facebook security, Facebook privacy control, how to keep one’s account safe from hackers and lots of them.

Our main concern on these three reasons your Facebook account might get hacked is because users are too ignorant of what happens on the other side.

  1. Poor Password Strength
  2. Absence of Two-Factor Authentication
  3. Clicking on Phished links

1. Poor Password Strength

In any online account, password is a parameter that controls the access level to your profile. This is the reason most website determine the strength of passwords during sign up.

A common password pattern would be uppercase, a special character (symbol), a number and the corresponding lowercase characters. In order to complete the sign up, you must complete the pattern.

Our choice of password is usually the case of familiarity and memorable sake. Strong passwords determine the strength of your account and tells how difficult, number of days, years, and century it will take any prying eyes to sniff into one’s account.

Read this article on how long it will take hackers to break your password. It is an eye opener of what happens on the other side.

Always remember to use a password you can never remember. If you cannot remember your password, how would someone else know it? Mnemonic may not be a better option this time.

The best thing to do is having a cloud password keeper – somewhere you can store your passwords and also be accessible anywhere. Dropbox, Google drive is a good idea.

I had a blog in 2015 but surprising it was hacked and it was painted blue black with sick contents. It was because my password was the poorest anyone can think of.

I have come across many victims of hacked Facebook account and their only reasons why their account was hacked are password and absence of two-factor authentication. So I have experience of whatever I say.

Wrong password practices include English words, nicknames, pet names, phone number (janedoe, kyrian95, cynthia1996, charlie, millie, bonnie). Best practices involve use of strange words, symbols including caps (vFrGC331c5H3EI, &M1LL13!, CH@rl13 W0#D).

If you found it very challenging to remember your password, you may apply mnemonics. If you are comfortable with it, then go ahead and change your password today.

2. Absence of Two-Factor Authentication

Use Facebook two-factor authentication
Facebook two-factor authentication / ChuksGuide


This allows one to add additional security layer to one’s Facebook account aside from the normal username and password.

It is just like a cop (police) calling for a backup team because he believes that his gun and bullet proof might not be enough for that particular operation.

That means when you log into Facebook from a new device or browser, you’ll enter a special security code sent to your primary phone from Facebook.

That way, it’s much harder for someone else to access your account, even if they have your password.

In Two-factor authentication, it means that you want to approve any new or future login apart from where you are currently logged in. Facebook has multiple two-factor authentication methods.

Depending on which two-factor method one is using, it means that one has to authorize any new login from any device.

Click here to choose two-step authentication or go to Settings – Privacy – Use two-factor authentication.

You don’t have to enable all the two-factor method. You are only required to find a very convenient method that is simpler for you.

Our recommendation on two-factor authentication is text message (SMS) as shown on the image above.

Here, Facebook allows one to enter and verify their primary phone number so that they can receive login approval codes usually a 6-digit code. With this login codes, one cannot proceed with registering a new device to your account.

There are few things to carefully take note of;

  • Make sure that a single phone number is attached to one Facebook profile account.
  • Delete phone numbers that are not usable by you to avoid the case of our first story.
  • Your phone number should be available at the moment when you want to login to your Facebook account in another device.
  • If your SIM card is turned on for DND (Do not disturb), you may consider turning it off in order to receive sms from Facebook.

If you are using a spam filter for SMS, you have to check spam filter messages

3. Clicking on Phished links

This has recently been one of the commonest scam to watch. Facebook is so open and gives access to developers to integrate their apps into its platform.

Being so common to most developers, the bad guys now take advantage of it to inject scripts into creating automated fake accounts.

These automated fake accounts are handled by hard core web developers. They are either paid for the service or as part of their project.

What they do is to define the accounts to target specified demographics – sex, age, location, interest and page likes to be used with their fake account generator.

After a fake account is generated, it then forwards fake friend requests to the targeted demographics above. If you are ignorant of behind the scene, you will definitely click Accept button.

But if you are the type that is reluctant to accept friend requests, Facebook automated system will delete them within 48 hours.

Let’s say that you already accepted the friend request, there are key things to know about auto generated fake accounts;

  1. It has at most 2 photos which include 1 profile photo and 1 upload.
  2. The profile photo always looks good to be true usually that of a model or half naked woman. Men have quick arousing appeal to great looks.
  3. The Facebook account is usually less than 24 hours old with almost no contents.
  4. Even when there is a content, it should redirect to an external link either to see a nude video or “watch me on live cam” video.
  5. You have no mutual friends.

The photo below shows a fake account as Wendy Griffith in search of a strong and funny man to heal her broken heart.

This is a nice caption in addition with the charming photo that no man wouldn’t dare to resist.

If you could check the name on Facebook right away, you won’t find the profile again because it might have been flagged or deleted.

We hope you found this guide useful. This is an excerpt of what you will find in our 35 page Facebook security handout. You can check the book here.

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.