Back to Blog

When your Facebook and Instagram gets hacked

security tech Jan 11, 2022

What do you do when hackers steal over $11,000 of your own money AND lock you out of your social media accounts?

Well, this just happened to Chris Hau and you can see more about that here 👇🏼



Regular people like you and me can and do get hacked every single day. You can get locked out of your accounts AND suffer a huge financial impact because of it, so today, I want to share with you some tips to stop this from happening to yourself. 

In the example of Chris Hau, who I've followed on YouTube for quite some time, he recently shared a video explaining how his social media accounts got hacked multiple times despite having Two-Factor Authentication in place, and as a result, lost $11,000. That's crazy! But it could happen to you too. So, what to do about it?


People create weak passwords and it's one of the first barriers a hacker can break. If you use the same password for everything, and your password gets leaked somehow, they can log in to every single one of your accounts. 

If you want to know if your password has already been leaked, you can use a website called to check. 

The key is to use a strong, unique password for each account and if your argument is that you won't remember them all, that means you don't have a password manager in place. Epic fail! 

A Password Manager can automagically create and store random and unique passwords for every single account that you have.

I use a password manager not just for passwords, because we all know 1) that my memory is like a potato and 2) we might want to remember more than just a password.

PIN Codes, memorable dates, passport and driving license numbers, credit card details, bank information - and more than what the likes of Google Chrome or Safari can do for you.

I've personally used 1password for years now, including a few of those years where I used a cracked copy... sorry 1Password.

🛒 Get 25% off 1Password Personal: 

🛒 Get 50% off 1Password Family:

Having a unique password and a password manager in place is just the first step in the dance. So, what's step 2?


Although Chris Hau explains that he was hacked DESPITE having 2FA enabled, this is still a really important step to take in protecting your accounts. If people want to, they can hack your phone and clone your sim card and all sorts. Therefore, if you have 2FA enabled where it texts you a code - that's not great. Particularly if there is an account with access to MONEY behind it. 

When setting up 2FA, don't use text as your authenticator. Instead, use one of the code generator apps, like Authy. Or Google Authenticator. 1Password does have a 2FA code generator built-in, but from a security perspective, I'm not a fan of storing the password AND the 2FA code in the same place. Is there anything stronger than these methods? Yes, there is!


Step 3 is MUCH better than Step 2 and is pretty much the surefire way and THE BEST way to protect your accounts. Get yourself a Yubikey, which works very much like a physical key.

If someone doesn't have the physical key, then they can't log in to your account. I have one for all of my important accounts because I.don'!

My advice here is to grab at least 2 of these keys and set them up with every website that you want to protect. Why 2 keys? Because if you lose one or one gets stolen, then you still have a key to get in, and you can simply just remove the lost or stolen key instead.

For those of you who I overheard in step 1, 'But Pete, storing all of your passwords in one place is stupid. If someone gets into your password manager they'll now have all of your passwords!'

This is how you stop that.

Do you worry about someone getting the front door key to your house? No.

Am I worried about someone getting into my Password manager when I have one of these keys protecting it? No.

Once you've added a key, make sure you go back into your accounts and TURN OFF the other forms of 2FA. Because if you leave something like SMS there, that's still going to be a problem.


Are you guilty of shutting down your computer without logging out of your devices? Once you've logged in to an account, it drops this thing called a cookie onto your computer. That cookie basically tells the website, oh I don't need to log in again, I'm already logged in! In some circumstances, those cookies can be copied and pasted onto other computers so they can trick websites to believe they are also, already logged in, scary, right?

To fix this with Facebook, you go to Settings & Privacy. Settings. Security and Login. Under 'Where you're logged in' click see more. Scroll down, and then Log out of all sessions.

Most websites and apps have this feature and doing this, will kick you out of any devices currently logged in to your account. So pick your phone back up again, and you'll have to log back in. It's one of those things you might do from time to time, but definitely do if you suspect that something nefarious is going on with one of your accounts.

This is why I believe Chris Hau kept getting locked out of his accounts, that is how YOU can stop people getting into your accounts in the first place.

Take 2 minutes of your life to check with your parents, or your kids, or your friends, that they're at LEAST using a password manager. If they're not, show them how to use one. Grab the 25% off deal below and you could even give them one of your 5 accounts for free! Also grab a Yubikey to really, REALLY secure those accounts. Particularly if they're critical to you earning an income or protecting sensitive data, or DATA.

🛒 Get 25% off 1Password Personal: 

🛒 Get 50% off 1Password Family: 

🛒 Grab a Yubikey:

Enjoyed this post? Check out these videos to find out more about 1Password for Mac and how to protect Gmail from hackers. 

🎥 How to secure your Gmail Account from Hackers: 

🎥 What you NEED to know about 1Password 8 for Mac:

If you want to get more info based around security, tech, finance and business, sign up for the weekly newsletter:


Thanks for reading! 



This. But in your Inbox!

Get the latest delivered to your Inbox.

We hate SPAM. We will never sell your information, for any reason.