Secure Accounts

Online abusers may try to gain access to journalists’ accounts. This might be because they want to obtain information, stop journalists from using their accounts, or because they want to discredit the journalist by posting content that could be harmful to his or her reputation. 

Be safer by taking the following steps:

---

Act Now

Regain control of accounts

If your or someone else’s account has been compromised, contact the tech company to try and regain control. Click on the links below and follow the instructions.

• Apple
• Facebook
• Google
• Instagram
• Twitter

---

Secure your accounts after losing access

Upon regaining control of your accounts, you or the person affected should immediately change your password. Create a long unique password ideally using a password manager. Turn on two-factor authentication (2FA) for all your accounts where possible. See guidance below on how to do this.

---

Next Steps

Set up two-factor authentication (2FA)

Two-factor authentication is an extra layer of security for accounts. It is best practice to  turn 2FA on for all accounts where possible. An app, such as the Google Authenticator app or a security key, such as the Yubikey, is a more secure option than SMS. Learn more about 2FA in the resources below.

---

Create long unique passwords

A secure password is 16 characters or more in length and should not contain any personal information, such as a date of birth. It is advisable not to reuse passwords on accounts instead create unique individual passwords. The resource section below has more details on creating passwords.

---

Use a password manager

A password manager can help journalists to create and store passwords more securely. There are a number of password managers available and you should research which one works best for you or your colleagues.