With so much personal information held in your Facebook profile, you can’t take a ‘set and forget’ approach to securing your account. Just by tweaking a couple of settings, you’ll have more control over who can access your personal details.
Making sure your passwords are strong and setting up two-factor authentication is a good place to start, but there are plenty of other ways to stay safe on Facebook.
To help you keep your Facebook account secure, we’ve rounded up some tips on how to do a security and privacy audit. Keep scrolling for the details.
Safety first: secure your Facebook account in five steps
Security is very important and, at the very least, you should make these checks to protect your Facebook account.
To find them when you’re logged in to Facebook on a computer, go to Account > Settings & Privacy > Settings and then click Security and Login in the left-hand panel.
From there, you can change your password, set up two-factor authentication (more details on that shortly) and set alerts for unrecognised logins.
1. Check your logins
Once you’re on the Security and login page look at the list of devices that have logged in to your account. Click on the three vertical dots to the right of the device name if you don’t recognise it and you can click Not you? to walk through some steps to secure your account, or log out immediately from that device.
At the bottom of the list of devices, you can Log out of all sessions.
2. Secure your passwords
While still on the Security and login page, scroll down, click Change password and enter a new password and save.
From this same screen, you’ll also see the Save your login information option. If this is set to On, you won’t need to enter your password the next time you log in using your current web browser. Turn it Off and you’ll need to enter your password the next time you log in using your current web browser.
If you need a new password, make sure it’s unique to Facebook and not a copy of a password you use on another website. It’s also best to steer clear of personal information when coming up with a password, such as a pet’s name or your middle name.
For more details on making your password as strong as possible, see our guide on how to create secure passwords
3. Set up two-factor authentication
Two-factor authentication (2FA) protects your account even if someone has the password. It usually means sending a code to your phone, which you then input after your password to confirm it’s you.
On Facebook, you can also confirm that it’s you if you’re signed in to Facebook on another computer, tablet or smartphone. To turn it on, still on the Security and login page, scroll down to Use two-factor authentication and click Edit. You’ll have to input your password to continue setting it up.
Read more: what is two-factor authentication and should you use it?
4. Manage your authorised logins
Directly under Use two-factor authentication is Authorised logins. This shows you the computers, tablets and smartphones on which you’ve used your 2FA code to log in and the dates you got a code to log in.
If you want to remove any of the devices from that list to force Facebook to send you a code to log in again, tick the checkbox to the left of the device name, then scroll down to the bottom and click Remove.
5. Set up login alerts
Scroll down to Get alerts about unrecognised logins and click the Edit button to turn this feature on.
You’ll be given options to get notifications for Facebook itself and the Facebook Messenger app, and you can choose to have those alerts sent to your email.
Your Facebook questions answered
It’s as important to keep on top of your privacy settings as your security settings. Privacy settings allow you to manage things such as who can see your posts, what profile information is visible publicly and who can send friend requests to you.
When you’re logged in to Facebook on a computer, the privacy settings can be found by clicking the drop-down arrow on the right-hand side. Click Settings & Privacy and then click Privacy Checkup, or click here.
Can you stop Facebook seeing everything about your account?
As a free platform, Facebook makes its money by selling user-targeted advertising on the platform, based on the personal details in users’ profiles.
To do this, it doesn’t just collate the personal information you provide or what you share on the site. It wants to develop a richer picture of you to advertisers, so it needs to cast a wider net. That means linking to your movements around the web.
You have a right to keep your digital life private from Facebook. Being on the site means giving access to some personal information, but it’s up to you how much you provide in your profile. You can limit how data goes between Facebook and elsewhere.
To find out what sites your Facebook account is linked to, go to Account > Settings & Privacy > Settings > Apps and Websites. It will list those services that are either active, expired or removed from being linked and sharing information about you.
Who can see your posts?
From the Privacy menu, select Who can see what you share, then review your personal details: email address, date of birth, where you live, workplaces, education details and so on.
You can click on each item to change settings. ‘Public’ lets anyone on and off Facebook see these details, or you can restrict viewing to friends, just you or a custom range of specific people.
From the same screen, you can also decide whether search engines such as Google are able to link to your profile outside of Facebook: if you want to keep your account fairly private, we recommend switching that off.
Can you stop Facebook sharing information with advertisers?
Facebook wants to know about you because it can offer advertisers effective ads personalised and targeted to you. The personal information you provide in your profile is available to Facebook primarily, then any information about what you do outside of Facebook can also be available for Facebook to share with advertisers.
Click Your ad preferences to review what from your profile is shared, including relationship status and employer. Turning these off means you will still see ads, but they will be less relevant to you.
Next are the settings for who can see your activity, such as page likes, pages you’re following, comments you make and recommendations, along with events, app check-ins and shares. To keep to yourself, click Only me. If you’re happy to have that shared, click Your friends.
