This one is for all the people who buy accounts without OGs (deleted, lost, or any other reason). The OG ones should still follow these recommendations, as having an OG does mean you can recover the account easier, but what would happen if they hacked your OG too? I expect most of the members here to know this already, but I figured I’d write it up for everyone…not as experienced
1. Stay away from automation tools of any kind
- Fuelgram / Infinicore
- Schedulers (they are in the grey zone)
- Auto Likers / Followers / Auto DM-ing tools
- Telegram bots (if you do know for sure that their bot stores the information locally - on your computer, they are okay and safe, if not, avoid them too)
- BOTS (Jarvee / MassPlanner / FollowLiker) - yes, you can use bots for your smaller accounts, the ones you can afford to lose, but putting your main, or any big account on a bot is not recommended.
2. Use a different mail for contact and the one linked to the account - People that want to hack you will press the contact button to see which mail you have set as a contact, and try to hack into that mail (usually it’s easier to get into someones mail than their IG account). This is the lowest form of hacking; since they need to get extremely lucky - the account owner would have to use the same password for the mail and IG account, or have the same mail set as contact and linked to his account…and not have any extra layers of security.
Extra Tip: For the mail linked to your account (the one you use to log-in) use a mail that is not connected in anyway as a linked mail to the account - example: if your account is @Dog, don’t use a mail like “firstname.lastname@example.org”…use your name, or random letters that are not connected to “@Dog. The contact mail on the other hand should be “email@example.com” or “firstname.lastname@example.org” depending on what you can get - as close to the IG account name.
3. ALWAYS have a recovery mail set to your mail (both of them) & have a phone listed as a back-up too. This way you’ll have both your e-mails secured, and a secure email = secure account.
4. Use 2FA for your account! I can’t stress this enough. 2FA stands for Two Factor Authentication, and it is an app you’ll install on your phone, that generates a random string of letters and words every X seconds. If you try to log-in from a new place, you’ll need these strings. The most popular app is Google Authenticator, and it is FREE. There is no reason you should not be using this. So if someone actually does find out your password, he/she will still need to know the string generated by the Authenticator, and that is practically impossible. For a guide on how Google Authenticator works, click here.
5. Have a phone linked to your account as well. This is just another layer of safety, and again, no reason why you should not have it. If you use a phone as contact too (the CALL button on Instagram business accounts), use a different phone number that is linked to your account. The reason is sim-swapping.
6. Finally, use common sense. Do not follow shady links that may install malware on your device. Do not trust those mails where they say you got verified, just press this button to log in. People get burnt on this the most. I am not exactly sure how the verification process goes, but I am 100% sure Instagram will not make you complete the verification process on some shady 3rd party app or website or whatever.
That is all i can think from the top of my head right now. If anyone has anything to add, please do.