Is someone posting or changing their profile? Texting friends? If you believe your Instagram has been hacked, before you panic and spend money for someone to fix the problem, there are some alternatives to try to regain access to your account and kick the attackers out. There are two ways: if you still manage to enter your password, continue reading; otherwise, skip straight to the last step to ask for social network help.
Change your password!
If you still have access to the account, the first thing to try is to change your Instagram password. If someone accessed your profile it is because they know this password.
This is because easy combinations don’t take a lot of work for hackers to figure out. In addition, constant leaks expose various user data on the network, from information such as date of birth, CPF, full name, credit cards and even the password itself.
A rule of digital security is never to use the same combination on multiple online accounts. Look to add special characters, numbers and a mix of the upper and lower case to the password. Avoid data that is easy to guess like phone number, date of birth, name and so on…
Using a password manager helps to keep a different combination for each internet account. Some programs not only store the password securely but also indicate if the combination is weak, most of them also allow you to configure two-step authentication to improve account security. That is the subject of the next topic.
Enable two-step authentication on your Account
Two-Step Authentication is a feature that adds a layer of security to your account. It works like this: after entering the password, you will have to enter another six-digit numeric and random code.
This code is available in an app to manage two-step verification codes like Google Authenticator or Authy, in a password manager like the ones mentioned in the previous topic or via SMS, but this alternative is no longer so secure.
That way, even if the hacker discovers the new password, he will still need to enter information that, in theory, only you know because it is on your cell phone. That’s why it’s highly recommended to enable 2-step verification on your Instagram account and on all other online services you use — and it’s security-conscious.
Changing the password and enabling 2-Step Verification is important to prevent new unauthorized access, but if the attacker has already logged in with the old credentials, it remains to review the devices and applications that are still connected and revoke access. It is the subject of the topic below…
Review authorized devices and apps
It may be that when changing the password, strange activities still occur on the account. This can happen due to the fact that there are still devices (in addition to the known ones) and applications connected to Instagram.
Instagram has an in-app menu to remotely disconnect devices with account access. The process can be done via cell phone or computer. In this option, devices are displayed in chronological order (newest first) and with the device name. So if you have an iPhone and you see that your account is being used on an Android (or vice versa), stay alert and revoke access.
Another option is to pay attention to apps with authorized access to your Instagram or Facebook account. You know those apps that promise more statistics, help with sweepstakes, let you download posts and stories or add any other non-native function on the social network, even more, likes and followers? So, it could be that one of them contains malicious code and authorization to control the account.
To resolve the issue, revoke the connected app’s access to your Instagram. Be suspicious of all active connections and do an internet search to verify the integrity of those you intend to leave active on the account.
Lost access? Here’s how to recover your Instagram account
If you no longer have access to your Instagram, it means that the hacker changed your password and disconnected you from the social network. Some attackers keep your personal information like email and phone number, while others already change this data, making it even more difficult to recover your account. The process you will follow will depend on this.
If you have access to login information (email and phone)
If your email is still the same, it will be easier to access your account again and recover your Instagram password. See the step-by-step:
- Open Instagram and on the app home screen, tap on “ Forgot your password? “. Enter your registration email on the social network and tap “ Next ”.
- An access code will be sent to your email. Open it and enter the code on the screen displayed by Instagram;
- Once confirmed, you will have access to your account again.
If the hacker changed the account email and phone
It is possible that the attacker changed your profile settings such as your email, phone number, and username. In this case, you need to contact Instagram support to have your account verified. See how to do it:
- Select “ Forgot your password? “, enter the username and tap “ Need more help? “;
- Next, Instagram will try again to recover your account for your data. However, as you no longer have access since the attacker has changed it, select “Get support”;
- The social network will ask you why you can no longer access your account. If so, reply “ My account has been hacked ”. The app will give you two options: “ Yes, I have a photo of me on my account ” and “ No, I don’t have a photo of me on my account ” for those who have their Instagram hacked — select one of them.
If you checked “Yes, I have a picture of myself in my account”, Instagram will ask you to provide an email address to which you have access to proceed with the request. The social network will also ask for a video selfie by turning your face in different directions to verify your identity.
According to Instagram, the support team does not use facial recognition to verify that you are a real person, and may even use human analysis to recover your account.
If you checked “No, I don’t have a picture of me in my account”, you will be redirected to the help page to try to recover the account in another way and you will receive an autoresponder email from the support team to proceed with the case.
Choose a password manager to make your account more secure
After recovering your Instagram account, it is important to ensure that no one hacks into it again. Change the password, enable two-factor authentication and use a password manager. As I said above, it is more secure and can be an option to have an extra guarantee of security.
In the market, there are several apps, free and paid, that can help you in everyday life. Among the best-known are 1Password, LastPass and Kaspersky Password Manager. To choose the ideal one for you, consider the functions offered by the service and your budget.