Properly Securing Your Instagram Account

Past few months, Instagram has been target by many hackers and crackers worldwide. Many people have lost their accounts due to not properly securing their passwords or themselves. That includes accounts which had a very big amount of followers as well (millions). I’m not sure whether they don’t care, get greedy about money or simply not know how to properly secure themselves and their accounts. But I hope they find this guide and take actions to make sure it doesn’t happen again.

These hacked accounts are sold for large amount of money and sometimes even used to generate money for the hackers. Rarely they will completely destroy the account, but I don’t really see that benefiting the hackers much. It’s done usually if they have something personal against you.


With so many users being hacked everyday, you should be scared because your account could be next on the line. Being hacked doesn’t only mean loss of your account. There are many other things they can do with your account.

  1. Obtain your personal information. They will be able to obtain all the personal information you have shared/used on your account. Including private messages, phone number, other social media, e-mail and much more.
  2. Steal your pictures. If you’re a private user and don’t want anyone to have access to your photos, by being hacked they can view all your pictures and download them.
  3. Ruin your account. They could delete all the photos, upload offensive photos or even get your account banned.
  4. Impersonate you. They could message your friends pretending to be you and do a lot more with your accounts.
  5. Make money off your hard work. They could simply sell your account, sell shoutouts or any other monetization method they may deem profitable.

These are probably other things they could do with your account. That’s why it’s essential to secure your Instagram account.

Securing Your Account

I’ll write some tips to secure your account. You should be very careful what you do on the Internet or generally with your computer. Even if your account is secured to maximum, they could still gain access if you’re not being careful enough.

1. Strong password

Having a strong password is essential to prevent any kind of brute-forcing attacks. You should avoid using passwords that are easy to guess or common. Use a combination of everything (including letters, numbers and special characters).

2. Ensure that that your e-mail is secure

After you have secured your password on Instagram, make sure that your e-mail address is secured. If they gain access to your e-mail address, they can easily reset your not only your Instagram password, but any password associated with that e-mail address.

To prevent that, use a strong password (see above) for your e-mail address AND make sure you use 2 factor authentication.

3. Link other social media

Instagram allows  you to link other social media accounts to your Instagram accounts. Currently, as of writing this post, you can link the following social media with your Instagram account:

  1. Facebook
  2. Twitter
  3. Swarm
  4. Tumblr
  5. Flickr
  6. VKontakte
  7. Ameba

I consider this a very important security feature. You should link any of these social media you have with your Instagram. That way if your Instagram account ever gets stolen, you will have more evidence to prove you are the real owner.

4. Be careful where you use your account

Logging into your account from public places is not always a very safe option. You don’t really know who used the computer before and what they installed. There could be a keylogger. If you believe it’s safe, make sure you log out after using it.

Also, don’t check the “Remember Me” box, because that will keep you logged in even after closing the browser.

5. Avoid (unsafe) third party applications

Although third party applications have many great features, they usually come at a price. Sometimes they could have vulnerabilities that risk the security of your account. Sometimes, they ask for permissions to use your account. You should immediately deny those applications as they could use your account on your behalf.

Your best bet is to stick with the official Instagram application. If you need to use an app, I would recommend using ones which have proven their reputation and have many positive reviews. Avoid new applications at any cost.

To prove my point, I’ll link an article that happened recently. Basically, an application called “Who Viewed Your Profile” for Instagram stole 500,000 users. You can read more about it here.

I’ll link to a few more articles related to this, but there are many many more you can find on Google.

  1. Rogue Instagram and Angry Birds Space for Android Spotted
  2. Android Users Targeted with Rogue Instagram Apps
  3. Fake Instagram app infects Android devices with malware
  4. Don’t Install These Disguised InstaAgent Apps That Can Steal Your Passwords

6. Keep your private information private

Whether it’s your e-mail address, name, address, location, you should keep your private information as private as possible. There are ways that hackers could use to obtain access to your e-mail or account.

A notable example is social engineering. They could manipulate the e-mail provider or Instagram tricking them that it’s you and have them reset the password for him.

General Security Tips

These tips are not related to securing your Instagram account, but rather securing yourself generally online. If you are not being careful enough, no matter how secured your Instagram account is, there are still ways for hackers to obtain access to it.

1. Avoid unknown links

Sometimes, a link could contain a hidden malware that you are not aware of. That malware could execute itself without you even realizing it. If you don’t recognize a link, do not open it.

If you want to check the actual URL of a shortened link, you could use a service like CheckShortURL. You can also scan an URL on VirusTotal to check for malware.

2. Avoid using the same password

No matter what, you should never use the same password twice. If one site gets compromised they could easily compromise your account on other websites as well.

If you have troubles using strong and unique passwords for multiple websites, you could use a password manager. Here’s an article about popular password managers.

3. Be careful about phishing attacks

Shoutouts are one of the most common ways to make money on Instagram. There are many websites offering people partnerships if they join their website. It turns out that most of these websites store your password in plain text (not encrypted) or simply are phishing ones.

Don’t be greedy for money and sign up for every website. Make sure to research about the reputation of the website. Check other people’s reviews, domain’s age, history of the domain, details about the owner and so on.

4. Keep your computer/software updated

Every now and then, you should check for updates for the software you use. Updates are not only for fixing bugs and adding new features, but sometimes they fix vulnerabilities that allow hackers to manipulate the software and execute malware on your computer.

Especially your browser(s) and the plugins you use for them (such as Flash, Shockwave and so on). Make sure they’re all updated very often as they usually tend to have vulnerabilities.

5. Avoid unknown files

A very common method between hackers is spreading keyloggers or RATs. If you download and execute their file, they will immediately gain control over your computer without you even realizing it. They will have full control over it. They could do anything you could, as long as there is Internet connection active.

The best way to prevent such malware is not by using an anti-virus software unfortunately. Anti-virus software is very easy to bypass and that’s what almost all the hackers do. Before they spread or send you a file, they make sure no anti-virus can detect it. After you run the file, they can even uninstall your anti-virus or simply maintain their file if it gets detected. They could just re-download a new undetected version of the malware.

The best way to prevent this is to actually not execute unknown files unless you know what you’re doing. Download only from official sources. If you are unsure about a file, you could use Sandboxie.

It’s a software-type of virtual machine. It will not execute the file directly on your computer, but rather will keep it in Sandboxie only. You will be able to see what happens with the file. If you don’t see anything unusual, then you can run it on your computer.

Another tip to stay safe from viruses is to scan unknown files on VirusTotal. They have a large number of anti-virus software that will check the file for viruses. Keep in mind that anti-viruses can be bypass though, as I mentioned above.

What to do if you get hacked

If your Instagram account has been hacked, you should try and reset your password first. If the e-mail address has not been changed yet, you will receive instructions to reset your password on your e-mail.

If the e-mail address on your account was changed, there is nothing you can do about it. You should contact Instagram. They will investigate your account and ask you to verify it’s really your account. They might ask you to send them a photo of you holding a verification code.


To wrap it up, securing your Instagram account is nothing complex at all. Staring with a strong password will surely prevent any kind of brute-forcing attacks on your account. Securing your primary email is one of the most important factors, because they can easily get access to any account connected with it. Be careful when you authorize any third party applications, because sometimes they might attempt to use your account in an appropriate way.

Even after you have fully secured your Instagram account, there are still ways by hackers to obtain access if you are not being careful. I have added some general security tips to be aware of.

Lastly, if you ever get hacked, you should contact Instagram as soon as possible and try to provide as many details as possible.

If you have any questions, suggestions, or any kind of feedback, feel free to post in the comments section below!

One thought on “Properly Securing Your Instagram Account

Leave a Reply

Your email address will not be published. Required fields are marked *