TikTok is a popular app for watching and sharing short videos, usually set to music. It has followed in the footsteps of Vine as somewhere to post and watch quick, funny videos.

However, recently concerns have been raised about whether the app is secure. We'll explain what these concerns are, then cover what steps you can take to make your account less vulnerable.

What Happened in the TikTok Breach?

TikTok security risks - TikTok breach

In December 2019, a security firm called Check Point Research revealed it had discovered multiple security vulnerabilities within TikTok. As the researchers demonstrated in a blog post, in combination these vulnerabilities allowed hackers to:

  • Get a hold of TikTok accounts and manipulate their content
  • Delete videos
  • Upload unauthorized videos
  • Make private "hidden" videos public
  • Reveal personal information saved on the account such as private email addresses

One example of how these vulnerabilities could be used is a technique called SMS spoofing. This is where hackers send messages to a user which appear to come from an official TikTok number. This works because TikTok has an option on its website to send an SMS message to yourself to download the TikTok app.

But TikTok has not properly secured this system. Therefore, hackers can manipulate it to send malicious links to unsuspecting users. The users would assume these are coming from a genuine TikTok number and click the malicious link.

It gets worse, however. There is a function built into the TikTok app which displays webpages. This can be used in combination with the SMS spoofing to open a malicious webpage within the TikTok app. From here, the users' information could be stolen or malware sent to their device. And there were plenty of other ways the researchers found to attack the TikTok app and website as well.

Checkpoint disclosed this issue to TikTok in November. TikTok has since updated its security to prevent the attacks described. Nevertheless, you might feel that it's time to delete your TikTok account.

Why Is TikTok Considered a National Security Threat in the US?

TikTok security risks - national security threat

These are not the only security concerns regarding TikTok. In 2019, a number of US government officials raised concerns about the app, even going as far as to call it a threat to national security.

The reason people are concerned is that TikTok has been acquired by a Chinese company called ByteDance. The Chinese government exerts a great deal of control over businesses in China, and it can even force businesses to hand over data. Therefore, officials in the US are concerned that the TikTok app could be sending data about US users to China.

At first it might sound funny, the idea that short silly TikTok videos are a security threat. But if the app is insecure, and many people use it, then it provides a way for hackers to access many devices. This includes devices of people in important positions and who handle sensitive data. For example, the US Army has banned the TikTok app from government phones, as has the US Navy.

US Senator Chuck Schumer has been vocal about the dangers of the platform. In a letter to the US Army secretary, he called it "a potential target of foreign influence campaigns like those carried out during the 2016 election on US-based social media platforms." There have also been reports that TikTok may be under national security review.

How Can You Make Your TikTok Account More Secure?

TikTok security risks - secure your account

This goes to show that even a fun, lighthearted app like TikTok can create security issues. If you want to keep using the app, there's not much you can do about the potential sending of your data to China. But you can be aware that the videos you share may not be as harmless as they seem. Videos can contain a lot of personal information, so be careful what you record and share.

There are also some steps you can take to make your account more secure.

1. Use Strong Passwords

As for any service you use, you should create a strong password. This is particularly true when the service hosts personal data like videos of you. You should make your password a mixture of numbers, letters, and symbols. Don't use a familiar name or date as your password.

Also, don't ever reuse an old password, or use the same password on multiple sites. This is important because if one of your other accounts is breached, you don't want hackers to have access to your TikTok account as well.

It's especially vital to have a strong TikTok password as the service doesn't support two-factor authentication.

2. Make Your Account Private

If you want to post freely on TikTok but restrict who can see your videos, then you can set your account to private. This way, the only people who can see your videos are people who you allow to follow you. This does take some of the fun away from the random discovery element of TikTok. But it means that you can post without worrying about whether anyone is observing you.

It's worth noting that making your account private will not prevent TikTok itself from seeing your information. But it will prevent random members of the public from seeing your videos.

To make your TikTok account private, open up the app and go to the Profile tab. Then tap on the Settings icon in the top right corner. Now go to Privacy and Safety. From here, you can enable Private Account.

There's an option within TikTok to link your account with your accounts on other sites. This includes sites like Instagram and YouTube. The idea is that when your accounts are linked, you can easily post your TikTok videos to other platforms as well.

However, linking your accounts in this way makes it much easier for companies to collect data about you. They can create a more complete picture of your online activities, and learn more about you. To reduce this invasion of your privacy, you can unlink your accounts.

To unlink accounts from TikTok, open the TikTok app and go to your profile page. Now tap on Edit Profile. At the bottom you will see a section saying Instagram and YouTube, with your linked account names on the right. Tap on the account name and from here, you can remove the account.

4. Keep Your Software up to Date

You should also be sure to regularly update your OS and your apps. Keeping apps up to date means the developers can fix security problems like the ones raised by Check Point. To make your life easier, turn on automatic app updates on your phone, so you don't need to remember to update your apps manually.

Be Aware of the Security Risks of Using TikTok

TikTok is a fun app to use, but you need to be aware of security issues when you use it. Be careful that videos you upload don't give away too much information about you, and consider setting your account to private. Also, as with all services, use strong passwords and keep your apps up to date.

To learn more about TikTok and how to use it, see our list of TikTok tips for beginners.