Are Your Social Media Accounts Secure? Probably Not...and That's Risky

June 14, 2013 Ryan Horner

The emergence and importance of social media accounts as a mouthpiece for large and small organizations alike has happened very rapidly. When combined with the nature of the services being free, external and easy to set up, you get a situation ripe for security lapses that can expose a highly-visible communication channel to hackers. 

There have been several high-profile Twitter account hacks recently; two examples are the Associated Press and the Financial Times. These hacks are quite easy to perform and don’t require much sophistication, allowing any lone actor or small group to hijack accounts - often resulting in very embarrassing, detrimental scenarios. As the Associated Press example shows, the hacks can even impact global stock exchanges!

For global brands, it’s becoming more a question of when, not if, someone will try to hijack their accounts. Luckily, there are a few simple things your firm can do in defense:


  • Make sure that all passwords are as strong as possible. Each social media account you have should have a different password, made up of truly random characters.
  • It's a good practice to change your passwords on a regular basis.
  • Passwords should not be written down, emailed or otherwise shared. They should only be stored in an encrypted fashion, such as a password manager would do.
    • We recommend using web-based password manager LastPass. If you're not comfortable with storing your passwords online, then KeePass is a good desktop-based password management option.
  • Again, don’t ever share your password with anyone. You hear this all the time, but it’s worth mentioning, as some recent attacks have taken advantage of people doing this.
  • If possible, enable a two-factor authentication requirement for your accounts. This means in addition to just a password, i.e. something you know, you should also require something you have, like a dongle or phone, for login access.
    • Twitter and Facebook have this as an option now, but make sure you turn it on, as it’s not enabled by default.


  • Don’t use personal or even individual email accounts for social registrations. Create a separate account only for that purpose.
  • It's also a good idea to use an email account outside of your firm's domain for your profiles. 

For more tips on how to keep your social media accounts secure, check out these great resources:


The One North Ideas Update delivers each month’s latest posts on digital for PSOs—including industry trends, news and our latest research—directly to your inbox. Although it’s our goal to always include thought-provoking and compelling content, you can unsubscribe at any time. 

See our Privacy Policy to learn more about how we protect and manage your submitted data.

Ryan Horner Managing Director, Technology

As Managing Director of Technology, Ryan is responsible for overseeing One North’s strategy related to technical applications, systems and client implementations. He got his start at age seven, programming an Apple IIe.

  • Last thing you geeked-out about: This happens on a daily basis, oftentimes to the internet of things coming to life and novel uses of the technology-enabled sharing economy – or some combination of the two.
  • Most unusual job: I grew up on a working farm, so I've had lots of unusual jobs: baling straw, sweeping bins, cleaning a cattle barn, etc. 

One North Interactive 
222 North LaSalle St, #1500
Chicago, IL 60601

+1 312.469.1740