Malicious hacks can cause thousands of dollars in lost revenue opportunities.

 As an advertiser, one of the worst feelings in the world is waking up and realizing your #1 source of leads and sales has been shutdown.

And while diversifying your traffic sources is important for long-term, stable growth…I’m not here to preach to you.  Instead, I’d like to show you something you can do right now – this minute – to avoid having your ad account shutdown.

Decades Old, Still Works

Back when I was young, I remember my father having a weird little device that allowed him to log into his building after-hours.  The device looked something like a calculator with numbers that constantly updated themselves every 20 seconds. 

Now, keep in mind this was in the early 1990s well before smartphones.  But because my father worked with sensitive financial data, they couldn’t let just anyone stroll into the office.  So, they used Two Factor Authentication (aka 2FA) to prevent spies. 

Two Factor Authentication

If you’re unfamiliar with 2FA, it’s an app you install on your phone that constantly updates a numeric code every 15 seconds.  
By connecting this app with your ad account – which is done via QR codes – no one can sign into your ad account from an unrecognized IP address without also typing in the code.

But because your phone is the only place that code is available, it becomes near impossible for a hacker to log into your account (unless they also have your phone, at which point you’ve probably been kidnapped and have bigger things to worry about : ).

Security or Compliance?

On the surface, using 2FA is more of a security measure than it is a compliance technique.  However, given a hack could result in your ad account being shut down for investigation, we take security just as seriously as we take compliance.

As an example of why this is so serious, one of the clients my partner’s been consulting with had their account taken over by some hackers in Southeast Asia.  After accessing the account, these hackers spent tens of thousands of dollars running ads to an offer they earned affiliate commissions on. 

Eventually Facebook flagged the activity and shut the hackers down.  Sadly, it took weeks before Facebook completed its investigation.  Weeks the client was not running ads or generating new revenue.

Post-Hack Recovery

Now, if your account gets hacked, odds are you’ll get both your account back and your money back. 

This process, however, can take weeks (if not a month or more).  And remember, for every $10,000 per month your ad campaign is generating, every week your ads are down is $2,333 in lost revenue.


Given setting up 2FA is both free and takes a matter of minutes to set up, we highly recommend it. 

And while the odds of a hacker breaking into your account are slim, the loss of revenue that can occur from a multi-week shutdown is more than worth the effort.

With that said, you can run into some major headaches if you lose your phone / your phone breaks. 

Because of that, we recommend these tips from LifeHacker (which will allow you to access your accounts even if you lose access to the device with 2FA on it). 

*As of this writing, Facebook (which owns Instagram), Google (which owns YouTube), Twitter and LinkedIn all offer 2FA.

Like what you've seen so far?  There's more!

Join our newsletter to stay up-to-date on media buying and ad compliance.

No thanks, I don't want to learn