Instagram testing new way of recovering hacked accounts

San Francisco, June 17 

To offer more assurance in recovering hacked accounts, Facebook-owned messaging app Instagram is testing a new in-app account recovery process.

To control cases where the hackers alter username and contact data linked to the accounts, Instagram is offering a safeguard which would prevent any username from being claimed for a "period of time" after account changes, whether it is a hack or a voluntary change.

As part of the new test process, for recovery, users are being asked to fill in their personal information such as their original email address or phone number and later send them a six-digit code to the contact information of their choice, Engadget reported on Sunday. 

The new method is intended to ensure account recovery even if the hacker alters the username and contact information linked to the account. 

With this process, the photo-messaging app also intends to prevent hackers from using email or phone number codes to take over accounts from different devices, the report said.

For now, details on the wider availability of this in-app remains unclear, although the username lockdown has been made available to all Android users now which is being deployed to iOS users as well. 

Presently, to recover a hacked account, users have to either wait for a recovery email or fill out a support form, making the process time-consuming.

The new recovery process is aimed at letting users recover an account from within the app itself, rather than having to lean on the security team. 

Instagram's decision comes two months after its parent company Facebook admitted to have "fixed a security issue" that had been saving passwords of 200-600 million users in plain text and "readable" format since 2012, which were also searchable by over 20,000 of its staff members. —IANS