Yesterday, I was greeted by the message shown in the first image of the following gallery, informing me that my Facebook account protection status was Low. I was not at all surprised that this was little more than another ploy by Facebook to get more of my private data.
Curious, I decided to look at the settings and see what Facebook had to offer me to make my account more secure. The first thing Facebook wanted was for me to validate my email addresses that they have on file. I normally make a special, disposable email address for every service I use regularly, which lets me throw it away when they get out of hand and start spamming it. For instance, if I had email@example.com, and I never used that address for anything other than Facebook, I could be reasonably sure that Facebook was responsible for the junk mail that it was receiving.
Moving on the the next step, I saw that Facebook wanted me to add a mobile phone number by signing up for Facebook Mobile. I’ve resisted giving them any of my phone numbers because phone numbers are not nearly as easy to change as email addresses and I’m fairly confident that Facebook will abuse this information, given sufficient time. See this article for supporting information.
Finally, in the third step, Facebook told me to choose a security question. One could argue that this is just Facebook’s way of getting yet more personal information out of you, but the key thing to remember about these security questions is that they are often easily guessed by anyone who knows just a little bit about you. If your Facebook page is littered with Boston Red Sox pictures, it’s reasonable to guess that your favorite sports team is the Red Sox. Therefore, if this is the case, you’ll be better off lying and saying something like “Tiger Woods” or, better yet, “Daddy Warbucks.” The trick is that if you start lying about security questions, your birthday, or other real information, you need to keep a separate database of these questions and their correct answers somewhere else for your reference, such as a password safe, such as LastPass, KeePass, or 1Password.