Instagram accounts are worth stealing. Now at 400 million users including celebrities, brands, and artists making a living, it’s time to add another lock to its doors. In November I wrote that“Seriously, Instagram Needs Two-Factor Authentication”, and a tipster just told me they’ve spotted it in testing. Today, Instagram confirmed to me that it’s beginning to roll out two-factor authentication.
The tool allows Instagram users to verify a phone number. Then, if anyone tries to log into your account with your email and password, you’ll be texted an authentication code that must also be entered to gain access to your account. That means hackers need more than your email and password that could be guessed, stolen, or tricked out of you with a phishing scam.
In one early, buggy test spotted by Wolf Millionaire, Instagram offered users two-factor reset codes when they set up the feature. These can be screenshotted or saved so in case you lose the phone or phone number you’ve authorized, you can still access your account.
Really, two-factor authentication is long overdue for Instagram. It’s been a commonly offered security tool for a long time. Instagram’s parent company Facebook has had a two-factor option for over four years. Neglecting to add it has put Instagram users at risk, and led to damaging hacks that caused financial losses and massive stress.
If a hacker gets access to your Instagram account, they could delete your photos, attack your friends, and spam the feed with ecommerce products and scam offers.
For the average user, this can be annoying, and without special treatment, recovering the account can be extremely tough. For celebrities, getting hacked could scare away followers, squandering promotional opportunities. And for brands, it can screw up their reputation with the public and hurt sales.
I learned about just how bad the problem was from Rachel Ryle, an Instagram star who shares artful stop-motion animations drawn by hand. Occasionally she does sponsored animations that feature a brand. But after lining up a large sponsorship, she got hacked by some jerk who spread spam through her account. She lost 35,000 followers and the brand pulled out, costing her a big paycheck.
Not having two-factor authentication was one thing when Instagram was a little upstart social app. But it’s grown into one of the most popular social networks in the world. Third-party apps even sprung up so you could add an extra pincode to open your Instagram. Officially lacking more safeguards had become downright irresponsible.
Luckily, that’s changing. Instagram will surely monitor its test roll-out of two-factor authentication to make sure it’s simple to understand and bug-free. Once that’s settled, every account will likely receive the two-factor security.
Your art, your vision, your window into your world deserve protection, so turn it on when you get the chance.