VKontakte is the largest social network in the CIS countries - the service is visited by more than 955 million users every month. VKontakte accounts are used for authorization on a huge number of services and sites. In addition, relatively recently, network users were able to send money directly via messages.
The high popularity of VKontakte makes it an attractive platform for attackers. In these conditions, it is very important to ensure maximum safety for your account. You can get additional account protection by setting up two-factor authentication (2FA).
How to enable two-factor authentication for a VKontakte account
- Login to your account and go to the page Settings. Then select the tab Safety.
- The topmost section is called Login confirmation. Click the "Connect" link.
- A pop-up window will open informing you that when you enable two-factor authentication, your mobile phone number will be used to access your account. Click the button Start setting up.
- In the next window you need to check your phone number or indicate new number, then press the button to get the code.
- A confirmation code will be sent to your phone number. Enter this code in the field below, and then click the button Confirm And Complete setup.
- This completes the setup. Now when you try to log into your account with unknown device An SMS message with an access code will be sent to your phone.
In section Login confirmation by clicking on the link Reserve codes you will be able to generate and save emergency codes that can be used when you do not have access to your mobile device.
As a second stage of authentication, instead of an SMS message, you can use one-time codes generated in an authenticator application that works using the TOTP algorithm. To activate this method authentication, pre-install on your mobile device authentication app, such as Google Authenticator or Authy, and follow these simple steps:
- In section Login confirmation next to the option Applications for generating codes click the "Enable" link.
- For security reasons, you will be asked for your current account password. Enter the correct password and “Confirm”.
- A QR code will appear on the next screen, which you need to scan using the mobile application. If your image is not recognized by the scanner, then manually enter the 16-digit secret key into the application.
- Enter the 6-digit one-time code generated in the application. After this, authentication through the application will be configured.
After successful implementation two-factor verification in the browser, you can remember this browser so that you no longer enter the second factor when logging into your account on this device.
If necessary, you can reset codes on all trusted devices or only on the current device. In this case, during the next authorization attempt, you will be asked for a confirmation code again.
If someone tries to log into your account, you will receive a pop-up warning about this.
How to disable two-factor authentication in your VKontakte account
At any time, you can disable two-factor authentication for your VKontakte account. However, remember that in this case, to access your account, an attacker will only need to know your password. To disable two-factor authentication, do next steps:
- Go to the menu
We will include secure data transfer protocol HTTPS. The HTTPS protocol is a protocol that encrypts all data that you transmit to the Internet.
When this might be useful in our case. For example, you come to some cafe where there is free wi-fi network. All visitors are connected to this open network just like you. Now let’s imagine that an attacker is also connected to this network and is trying to steal the data you transmit, for example, the login and password for the site. He can do this without any problems, since you are in no way protected from penetration. The regular HTTP protocol will easily allow him to do this, but the secure one HTTPS protocol will not do this. This is exactly what we will include today for social network In contact with.
It turns on quite simply. We go to the website vk.com and go to the “My Settings” section. Next, go to the “Security” tab.
By default, when you visit the VKontakte website, you have the HTTP protocol enabled. You can view this by clicking on the white sheet in the address bar to the left of the site address.
Now let's move to a secure protocol. To do this, at the beginning of the address you need to write https://. The full page address will be: https://vk.com/settings?act=security
After you enter the new address and press "Enter", the page will refresh and a new block "Protection of transmitted data" will appear in the security settings with the ability to select the option "Always use a secure connection (HTTPS)". Check the box and click "Save".
Now, when we log into a social network, it will remember that we need to be sent to a secure protocol and it doesn’t matter how you enter the site address, you will always be protected. A green padlock now appears in the address bar instead of a white sheet. If you click on it, you can see that your connection is encrypted using modern technology.
If you want to remove this setting, then go to the settings again, uncheck the box and click save. That's all for me.
Below you can watch a video on setup secure connection to vk.com.
Unfortunately, not many users know that the social network VK has the ability to edit their own messages. This function appeared relatively recently and is available in full and mobile versions website (they promise that in the next updates it will become available to users of the mobile application).
In this lesson I will show you how download music from VKontakte using the browser extension from savefrom.net. The first step is to install " Savefrom.net assistant". Follow the link and follow the instructions to install the extension for your browser. Do not pay attention to what the instructions say about youtube. Our task is simply to install the assistant.
Hello, friends! Today we will look at a very relevant topic: “Security of your VKontakte account, or How to protect your page from hacking.”
I will tell you about the main points and rules, compliance with which guarantees reliable protection and prevents theft of personal information.
Despite the fact that Lately The developers of the social network have taken significant steps to improve the security system, this does not provide guarantees full protection your account. The notorious human factor and a temporary loss of vigilance, even for a minute, will result in the loss of your account, its hacking, and wasted time and nerves on recovery.
How to protect your VKontakte account from hacking as much as possible?
Unfortunately, there is no one universal way to solve this problem. As I like to say, security is first and foremost a complex thing. Only if you follow a number of rules, carried out simultaneously, can you guarantee yourself and your account protection from hacking. Failure to comply with at least one rule will sooner or later lead to loss of access to your account.
I propose to consider the main points and rules that guarantee protection against hacking. But first, I recommend reading the article “Basic Internet Safety Rules,” it is located at.
Five rules of VKontakte:
1. The password must be complex. A complex password is a combination created according to certain rules. These rules are set out in more detail in the book “The Whole Truth About Passwords,” which you can read. The password for the email to which the account is registered should also be complex and should not be the same as the password for your account. Try to change the password for your personal VKontakte page at least once every three months.
2. Do not install dubious applications and programs. Avoid apps that offer you features that are not on the website. For example, viewing guests. Particular attention to programs that require you to enter your username and password.
As a rule, password theft can be disguised as some kind of “private” or “chat”. Do not enter anything, but rather report this application to the service technical support. Remember a simple rule: when using applications, you are already authorized.
No re-entering your username and password for your account in programs and applications!!
Fraudsters are very smart and extremely resourceful. They operate according to a certain scheme, which is directly related to the desires of the users themselves. For example, have a high rating or gain access to other people's accounts. Don’t deceive yourself, remember the saying about free cheese!
You may be offered special programs to increase your rating and give free gifts. As a rule, these are programs containing a virus. They can introduce themselves to the administration and report on ongoing technical work(for example, about the loss and restoration of a database) or ask for confirmation that you are not a bot and demand that you send your login and password. Don't be fooled!
3. Don't click on links. If you're not sure, don't go. If you're sure, double check. To check links, there are special browser extensions that will quickly check the link for viruses or malicious code. If you click on a suspicious (phishing) link, quickly close the site and change your password.
Phishing is a common type of fraud that is carried out through fake pages. A dummy page is a page of one or another Internet resource where you are authorized and you are required to enter your login and password. On appearance it is practically no different from the original.
pay attention to address bar. Everyone knows that the official website of the social network VKontate has an address like: http://vk.com. That is, the left side of the screenshot is the official website, the right side is a dummy page. As you can see, only one letter of the address has been changed from http://vk.com to http://vk.cm. The address can be anything, you most likely just won’t pay attention to it.
The hacker's task is to slip you a fake page, hoping for your inattention, where you will enter your username and password from the official page.
If you fell for this trick and went to one of these sites, you should immediately change the password associated with your account mailbox and from your personal VKontakte page (necessarily in that order).
4. Antivirus software. Use modern anti-virus software on your computer with up-to-date databases. Don't forget about regular full check systems and update them promptly operating system. Use a verified computer to log into your account. This rule will reduce the risk of encountering another type of Internet threat - KeyLogger. This is a special device that records keystrokes on a computer keyboard, which allows you to intercept someone else's information and gain unauthorized access to user logins and passwords.
To activate this function, go to the menu "My settings" , tab "General" , → , where opposite the point "Login confirmation" should be pressed "to plug ".
This will activate an additional level of verification, at which knowledge of your login and password will no longer be enough. Now for successful authorization you must enter a special confirmation code.
You can receive a special confirmation code either using a free SMS to the phone number linked to the page, or using a special application for a smartphone.
When logging in, you can remember this browser, then to log in from it you will only need to enter your username and password, the code will no longer be required. If someone tries to access your page, you will receive a pop-up notification.
If someone tries to visit your page, you will receive a pop-up alert.
If you follow all these rules (and at the same time!), you can be sure that no one except you will gain access to your account, and, accordingly, you guarantee yourself reliable protection of your personal VKontakte page from hacking.
In this case, you will notice that two-factor authentication is already enabled. If you are already using two-step verification and want to upgrade. If your account doesn't qualify for two-factor authentication, you can use it to protect your information.
To activate, you need to click on the “connect” button. You will be redirected to a pop-up window with an information brochure. Login confirmation using your phone. Login confirmation provides an additional level of protection for your VKontakte page. You can protect your page using your mobile phone.
Attention: when login confirmation is enabled, the password recovery service by phone number becomes unavailable. Therefore, we strongly recommend that you attach a current e-mail to the page, indicate your true first and last name, and upload your real photos as the main ones before continuing with the setup.
Things to remember when using two-factor authentication
Once activated, logging into your account requires both a password and access to trusted devices or phone numbers. To ensure maximum account security and ensure you never lose access, you should follow these simple guidelines.
Update phone numbers
You can manage phone numbers and trusted devices, as well as other account information. To use two-factor authentication, you must register at least one trusted phone number where you can receive verification codes. To update trusted phone numbers, follow these steps:
To authorize, you need to use a special code received in one of the following ways: SMS, mobile application, pre-printed list.
Verification will not tire you: to gain access to your account from a new browser or device, you only need to enter the verification code once.
Even if an attacker finds out your username, password and the verification code used, he will not be able to access your page from his computer.
Go to the "Security" section and click "Edit". . If you want to add a phone number, click Add a trusted phone number and enter it. To remove a trusted phone number, click next to the phone number you want to remove.
Follow these steps to create a password for the application. After creating a password for the app, enter it or paste it into the app password field as usual. Use different methods to designate trusted devices and send verification codes; Additionally, it offers an improved user interface. Two-factor authentication is required to use certain features where enhanced security is required.
All you have to do is click on the “Proceed with setup” button located in the lower right corner of the screen. Another window will appear prompting you to enter your current password for the VKontakte page.
Confirmation of action. To confirm the action, you need to re-enter the password for your page.
Setting up an application for generating codes
If you want to sign in and don't have a trusted device on hand where verification codes can be displayed, you can request a code be sent to a trusted phone number using text message or a phone call. On the login screen, click “I didn’t receive a code” and choose the option to send the code to a trusted phone number.
Is there a security question that I also need to remember?
Account recovery is an automatic process designed to allow you to quickly access your account while denying access to anyone who may represent you. This may take several days or more depending on the specific account you may provide to verify your identity. There's no need to select or remember security questions with two-factor authentication. Your identity is only verified with your passwords and verification codes, which are sent to your devices and trusted phone numbers.
Enter your password in the field provided and click on the “Confirm” button. If you entered it correctly, another window will appear in which you will be asked to receive a CONFIRMATION CODE to the mobile number linked to the VK page.
When you sign up for two-factor authentication, we will store your previous security questions for two weeks if you want to reset previous settings security of your account. After this period, questions will be deleted.
How to disable login confirmation via phone
When you sign in to a new device, you will receive a notification about other trusted devices, which will include a map showing the approximate location of the new device. The location shown may reflect the network you are connected to rather than your physical location.
Confirmation of action. To confirm the action, we will send a free SMS message with a code to your mobile phone.
If the wrong number is specified, click on the “change” button and bind a new one. If everything is OK, click on the “get code” button. A 5-digit digital code from the VKcom recipient should arrive on your phone within 5 seconds.
VK 56732 - code to activate confirmation of entry to the page.
Enter it in the special field and click on the “send code” button:
As soon as the required code is entered, the login confirmation setting will be activated.
Login confirmation. Login confirmation check has been successfully activated.
Don't forget to print out your backup codes. They will allow you to confirm login when you don't have access to your phone, for example when traveling.
If you wish, you can check the “remember current browser” box. This will provide additional protection against unauthorized access.
Then click “finish setup”.
Now you need to move on to more subtle settings. Everything is there, on the “security” tab, you need to get backup codes and print them or save them in a safe place.
Backup codes for login confirmation. You have 10 more codes, each code can be used only once. Print them out, keep them in a safe place, and use them whenever you need codes to verify your entry.
1. 0562 0104
2. 6747 5654
3. 3004 5587
4. 5521 8277
5. 1491 1308
6. 6061 3403
7. 2282 4633
8. 7984 0853
9. 4645 4558
10. 2779 8441
You can get new codes if they run out. Only the most recently created backup codes are valid.
You can click on the "print codes" button. A page will be generated immediately that can be sent for printing.
Keep the codes in a safe place and use them to
login confirmation when you do not have your phone with you.
Each code can only be used once.
You can always get new backup codes at
settings on your VKontakte page.
Here's what the printed code page will look like:
Now let's go back to the SECURITY tab and talk about applications for generating codes. This function is convenient to use on mobile phones and tablets. Click on the “Code generation application (enable)” button.
A settings window will open.
Setting up an application for generating codes. Applications for generating two-step verification codes allow you to receive codes even without a network connection or cellular service.
Use any application to generate two-step verification codes. For example, Google Authenticator for iPhone, Android, Authenticator for Windows Phone.
Scan the QR code in the app or enter the secret key below. Then, to confirm that the app is set up correctly, enter the verification code from the app.
We return again to the “SECURITY” tab and click on the “Set up application passwords” link.
Application passwords.
You don't have application passwords yet.
Now just enter the name in Latin and click “create password”. A window will open with your password for the application.
Application passwords.
Your password for the SMMis application:
10yj emew ekyc ydul
Enter the password you just created into the application instead of your password.
There is no need to remember this password. You only need to enter it once.
The setup is complete. Click on the “CLOSE” button.
Application passwords.
Some applications do not yet support login authentication. If the application gives an error related to the password, you need to create a special password for it and enter it instead regular password from the page. For each application you need to generate your own separate password. Application passwords are entered only once; you do not need to remember them.
If desired, you can create a new one and delete the old one.
Now let's talk about browser verification. You can remove confirmation:
- from the current browser
- on other devices
The current browser is the one with which the social network was opened. VKontakte network at the moment the login confirmation is turned on.
After removing your browser from the tested ones, you will need to enter a new confirmation code the next time you use it.
If you want to delete, click on the “remove from checked” button. The message “The verified status of this browser has been removed” will appear.
If we are talking about other devices, the algorithm is similar.
Verification codes on other devices
After resetting all verified devices, you will need to enter verification codes again on all devices and browsers except the current one.
The reset will also end active sessions and remove app passwords.
Click on the “reset” button if you want to reset them. The message “Codes on other devices have been reset” will appear.
In order to disable login confirmations, you need to click on the corresponding button on the security tab.
You will have to enter the current password for your VK page. If you make a mistake when entering, the message “Invalid password specified.” will appear. You can always set a new one. As soon as you enter the correct password, the login confirmation function will be disabled.
Now let's talk about the activity history. Activity history shows information about from which devices and at what time you entered the site. If you suspect that someone has gained access to your profile, you can stop this activity at any time.
Accordingly, if you suspect that you forgot to log out of VKontakte at a friend’s house or that someone else is using your page, then it’s easy to check and with one click log out of all pages except the one that is open in your browser.
Click on the “show activity history” button and if you see logins from other browsers and IPs, then you should click on the “end all sessions” button and change the password for the page:
And the last line of defense is the protection of transmitted data:
If you are using a public Wi-Fi network or are not sure about the reliability of the connection, then simply check the box - “Always use a secure connection (HTTPS)” and click on the “save” button.
A connection using a secure protocol means that all your data is transferred in encrypted form, so that attackers cannot intercept it. A secure connection must be enabled when using unreliable communication channels, such as free or public WiFi networks. Attention! A secure connection can slow down the site, so it should only be used on unsecured networks.
These are, in principle, all the security settings that VKontakte offers us. If you have any questions, ask them in the comments.
VK does not allow access to be restored via SMS. There is a linked number, but VK sends the code to the post office or, if the post office is not linked, it immediately demands to be restored upon application with a document and photo.
Why is quick password recovery not available to me?
You have login protection enabled (login confirmation via SMS). You forgot your password and are trying to restore access, but you receive an error message:
Quick password recovery is not available. Your page has login confirmation enabled by mobile phone.
Or this:
Unfortunately, you cannot recover your password by the specified number phone.
Or another option:
Error. This function is not possible for this page.
This means that once before you yourself enabled login confirmation by mobile phone, when to enter the page you need to enter not only a password, but also a code sent to your phone:
When is entry protection set? (two-factor authentication), this increases security and protects against hacking, but you forgot your password. What to do? It is now impossible to receive a recovery code on your phone because login confirmation- this is when you know the password and have access to the phone. Both together. This is the only way to ensure security, which you yourself voluntarily turned on. It is no longer possible to restore a page with only a phone number if you do not know the password. The VK website warned you about everything, but you didn’t read when you turned on the protection. Maybe that's why you feel like you weren't warned.
Below we will consider all the options for restoring access in this situation.
Attention! Here are absolutely all the ways you have in 2020. It's no use looking for anything else or asking in the comments. Only you can restore access yourself. Read to the end and do as written. Blue links take you to other pages that will help you.
How can I now recover my password and access to the page?
1. Recover by email
If you have additional login confirmation enabled, then instead of quick password recovery via SMS, password recovery via e-mail is used ( e-mail). Is your page linked to email? If yes, then you can request a link to reset your password. (instructions will open in a new window). It may turn out that the page is linked to the mail, but you cannot enter the mail (you don’t have access or you simply don’t remember it) - in this case, it is better to try to first restore access to the mail, otherwise you will have only one way, it is more complex and requires much more more time - recovery through support service.
2. Restore via support
When login confirmation is enabled, but you forgot your password and the page is NOT linked to an email (or you don’t have access to your email, or you don’t remember the address), the only way to restore the page is technical support request. This link will open an access restoration form that must be filled out. It's better to do this from a computer rather than from a phone. Look detailed instructions Here:
If it doesn’t work, do it through the full version on your computer.
You will have to prove that the page is yours. If your real photos are not there or your real name and surname are not indicated, then it is almost impossible (or very difficult) to restore the page. After all, you were warned about everything when you turned on the login protection. You can see why an application might be rejected. Of course, there is an opportunity to contact VK support and try to prove in some way that the page is yours. If they see that you are a normal person and that the page is really yours, they may meet you halfway. If even then nothing works out, register a new page in VK. This is a lesson for the future.
Why can’t I recover my password via SMS if login confirmation is enabled?
Because you yourself enabled TWO-Factor (TWO-Step) authentication, and now you want to reset your password with only ONE factor (phone). But it doesn't work that way. Imagine: if someone had access to your SIM card, they would steal your page without even knowing your password. This would no longer be two-factor authentication. I should have read the warning when I decided to turn it on this function. We described all the ways to reset a password in this situation above, there are only two of them.
I have backup codes, why can’t I recover my password with them?
Because the backup codes that you wrote out or printed are needed when there is no access to the phone— that is, when you cannot receive an SMS to log in. And you don't have password, you forgot him. In this case, the backup code will not help.
Is there no way to restore it?
There are no other ways to restore access. There is no use looking for them. That is, there is no other way to restore it at all. You just read everything possible ways. , if you don't understand.
I don’t have login confirmation enabled, but VK still requires me to restore it upon request
Is it possible to disable login confirmation?
Of course you can. But to do this you need to know the password and go to the page, and then to the security settings. And if you can’t do this yet, then you can’t disable login confirmation either. Even having access to the page won't help if you don't remember the password. Restore access as described above.
Loading...
