Receiving a code via SMS is similar to hiding the second key under the doorway rug – it’s almost in plain sight. Using a one-time password (OTP) authenticator application instead is a much safer alternative, akin to protecting the key in a safe. It’s highly recommended to download a trusted OTP authenticator, preferably an open source one, and once you activate two-factor authentication on Facebook and Instagram ask to receive the code via an authenticator application.

For high-risk users, using a password manager is as essential as brushing teeth. Attackers don’t just guess passwords, they use software to brute-force or crack passwords by trying all possible options (like picking a lock). It’s therefore essential for passwords to be strong, and unique so you don’t use the same password anywhere else. A password manager will help you store all your passwords securely, and generate passwords so you don’t have to. You only need to memorise the master password to access the password manager.

An additional benefit of password managers is storing notes securely. When would that be necessary you might ask? Upon setting up two-factor authentication FB apps will provide you with back-up codes in case you lose access to your phone or the app that generates OTPs for you. You can store these back-up codes securely in the password manager.

Security vulnerabilities are unavoidable. Doors offer indispensable protection to houses, but they’re still breakable. FB takes security seriously but when a breach is discovered, FB will notify you if your account has been a target and your account has been compromised.

Encryption protects our private messages, allowing us to safely share sensitive information like family photos, passwords, or our bank details when we want to transfer money to our friends. Without it, our personal and financial information could be at risk. WhatsApp is an encrypted service which uses the Signal protocol as the basis for its end-to-end encryption. “End-to-end encryption” means that nobody can spy on a message once you send it and up until it reaches the person you intend to send it to. On WhatsApp, you can turn on “Disappearing messages” so that new messages in the chat are erased after seven days. From the WhatsApp chat, go to the contact’s name, then Disappearing messages, “Continue”, “On”.

Messenger offers a feature called “Secret conversations” which you can turn on to talk to someone in an encrypted channel. This is only available on Mobile and not on the Web application.

Messenger conversations and Instagram direct messages are stored forever in FB servers. If you accidentally send sensitive information, you have 10 minutes to be able to delete the message by tapping on the message and selecting the delete option. On WhatsApp you have about an hour to delete the message.

Conversations on WhatsApp are stored on your device – locally. You can also opt to store your chats on a personal cloud provider such as iCloud or Google Drive. It’s important for you to know that the backup is not protected by encryption so you need to make sure that you’re also taking the appropriate measures to protect your cloud backup such as activating two-factor authentication and using a unique and strong password to protect your account.