How to Protect Your Account on TikTok for Business
Last updated, May 2024

An account takeover is when your TikTok for Business account has been compromised due to unauthorized account access.


TikTok is committed to providing an environment that is safe and secure for our users. To maintain this, TikTok has Community Guidelines that express what is and is not allowed. Any attempt to gain unauthorized access to an account is a violation. Follow the steps below to help keep your TikTok for Business account safe.


How to prevent an account takeover

To prevent an account takeover from happening, or if you've recently recovered your account, it's important that you take the following steps to keep your account secure:


Passwords

  1. ​Set a strong password.

    • A strong password is at least 6-20 characters that should be a combination of numbers, letters, and special characters. This will make your password harder to figure out.

  2. ​Use a different password for each of your important accounts.

    • ​Reusing the same password across multiple websites, apps, and platforms can be risky. If someone gets your password for one account, they could access other important accounts that use the same password.

    • ​If TikTok Ads Manager recognizes that your password matches a compromised one, then you'll have to update your password.


2-Step Verification (2SV)

TikTok offers the ability to secure your account with two-step verification (2SV), so additional verification is required each time you log in. 


To enable two-step verification:

  1. ​You'll need to be logged in to set up two-step verification, so log in to your TikTok for Business account if you haven't already.

  2. ​In the top right corner of the dashboard, click your profile picture, and then click User Settings.

  3. ​Click Account Security and choose your preferred verification method.


TikTok Business Center admin best practices

Securing admin access on TikTok Business Center is important because it has full control over your business on TikTok. These permissions include modifying or deleting the business, and adding or removing people from the member list. Admins can edit and manage all members and assets. Therefore, it's important that you carefully choose who gets admin access to your Business Center.

  • ​Only invite members of your own company.

  • ​Require every member to have an individual user account, and not to share the password with others.

  • ​TikTok for Business has measures in place that will warn you, require additional verification, or may directly intercept when:

    • ​Inviting other members into the Business Center account.

    • ​Inviting other ad accounts into the Business Center account.

    • ​Assigning admin permissions to an existing Business Center member.

  • Confirm whether all of the invitations under Business Center are valid and sent by authorized individuals.

  • Ensure all Business Center members are valid. Remove invalid users as soon as possible.

  • Ensure all Business Center partners are valid. Remove invalid partner Business Centers as soon as possible.

  • Review roles in your Business Center to ensure that members of your Business Center have only the privileges necessary for their jobs.

  • Enhance security by requesting all members to turn on 2-step verification.

  • It is highly recommended to ask all Business Center admin users to reset their password.

    • A strong password is at least 6-20 characters, which should be a combination of numbers, letters, and special characters. This will make your password harder to figure out.

    • Use a different password for each of the important accounts and update them regularly.


What to do if your account is compromised

We'll suspend your account to secure and prevent further compromised access. After conducting an investigation, we'll notify you about the results and actions you may take to regain control of your account, as well as process reimbursements for any charges that resulted from unauthorized activity. In the meantime, we highly recommend that you take all relevant steps to further protect your account.

  • ​Managed clients: If you suspect that your account is compromised, you should immediately call your Account Manager.

  • ​Unmanaged clients: If you suspect that your account is compromised, you should immediately contact customer service.



Content