How to keep your account from getting hacked
open allWhat for: So you don't get hacked.
If you use a short and simple password for your Facebook account, cybercriminals can guess it and hijack your account. A long and complex password is more secure. Use a strong password that:
- Is at least 8 and up to 20 characters long;
- Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
- Is not an actual word or easy-to-guess phrase;
- Is not the same as for any other account, including your Apple ID password;
- Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).
To change your password:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- Go to the Password and security section;
- Tap Change password;
- Enter your current Facebook password;
- Enter a new strong password twice;
- Tap Update password.
What for: So you definitely don't get hacked.
Facebook can be configured to request a one-time code or physical security key when you log in to your account. That way, even if cybercriminals learn your username and password, they will not be able to use them without the one-time code or security key. The code is sent via SMS to your specified phone number or generated in a dedicated application (for example, Google Authenticator), while the security key is a small hardware device used to authorize your login.
To enable two-factor authentication:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- Go to the Password & security section;
- Tap Use two-factor authentication;
- Select the authentication method:
- Authentication App;
- Text Message (SMS);
- Security Key.
Remember that a text message with the code can be intercepted by malware, and a physical security key can be lost, which is why using a two-factor authentication app is a safer option. Facebook can also use the phone number you linked to your profile for targeted advertising.
With two-factor authentication, you can log in to your account even if you lose your phone. For that, you need the recovery codes. To get them:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- Go to the Password & security section;
- Tap Use two-factor authentication;
- Select Recovery codes and tap Show codes;
Enter your current password and tap Continue.
Each of the ten codes can be used only once. Write them down, copy them, or take a screenshot of them, and keep the information in a safe place.
How to keep corporations out of your business
open allWhat for: So Facebook does not know more than it needs to.
The Facebook app requests the contact list of your phone to help you locate the people you know on the social network. However, the information about your contacts is also used to create targeted ads and generate news feed. Moreover, your information is shared with third parties, which increases the risk of a leak.
To prevent Facebook from using your contact list:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- In the Permissions section, go to Upload contacts;
- Disable the Upload contacts feature.
Downside: The social network will not prompt you to befriend your new acquaintances whose numbers you store in the contact list.
If such apps as Instagram, Messenger, or WhatsApp, which are owned by Facebook, have access to the contact list, this information can still be used by the social network.
Keep in mind that you have to disable access to contacts on all your devices with contact lists.
You can check which contacts are already uploaded to your accounts and remove any unwanted information here:
What for: So Facebook does not know where you go.
The Facebook app can access information about your location. This information is used to geotag your posts and stories and configure recommendations and targeted advertising. If you do not want to share your location with strangers and the social network, disable access to location data:
- Open Settings on your device;
- Go to the Privacy & security section;
- Open Location Services;
- Find Facebook in the list of apps;
- Select Never.
Downside: Facebook will not be able to alert your friends when you are nearby or show you nearby events. You won't receive adverts based on your current location, either.
If such apps as Instagram, Messenger, and WhatsApp, which are owned by Facebook, have access to location data, it can still be used by the social network.
How to defeat spammers and trolls
open allWhat for: To remove irrelevant comments.
By default, all Facebook users can leave comments under your posts, an ability that spammers and trolls often abuse.
To make sure that only your friends can comment on your posts:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- In the Audience and visibility section, go to Followers and public content;
- Under Public post comments, select Friends.
You can also block the app from showing comments containing certain keywords or hashtags on your timeline. In this way you can hide offensive comments or other unwanted content. This feature can be configured only in the settings of the Facebook Web version.
What for: To avoid unpleasant people.
If you want to stop a specific user from commenting on your posts, block that user. Blocked users will not be able to view your profile, leave comments under your posts, or send you private messages. In this case, the user will not know that you blocked them.
To block a user:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- In the Audience and visibility section, go to Blocking;
- Tap on the plus icon and enter the name of the user you want to block;
- Tap Block and confirm your selection.
How to hide posts from unwanted people
open allWhat for: So your posts will be seen only by those for whom they are intended.
You can choose who will see your Facebook posts. By default, they are visible to all of your friends. That can be inconvenient if you would prefer not to share your private life with some of them.
You may already have changed this setting and made your posts publicly available. Remember that information from your posts can be used against you. For example, information about your personal life can help telephone fraudsters to make up a convincing story in order to steal money from your bank accounts.
To configure the default visibility of your posts:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- In the Audience and visibility section, go to Posts;
- Tap Who can see your future posts?;
- Select which group of users will see your posts by default:
- Friends — posts are visible to friends only;
- Friends except… — posts are visible to all friends except those listed;
- Specific friends — posts are visible to friends on the list only;
- Only me — posts are visible to no one but you.
Remember that you can change the visibility of each individual post when publishing or after, without changing the default settings.
- To restrict the visibility of your post when you create it:
- Tap the button under your name;
- Choose the user group you want to see your post, and tap Done.
- To configure the visibility of an existing post:
- Tap on the three dots to the right of the post title;
- Select Edit privacy in the menu that appears;
- Choose the user group you want to see your post, and tap Done.
Earlier versions of the Facebook app for some types of devices did not include a function for restricting the visibility of posts, but you can still customize their visibility.
To make a post created in earlier versions of the application visible to only your friends:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- In the Audience and visibility section, go to Posts;
- Tap Limit who can see past posts;
- Tap Limit Past Posts and confirm.
Downside: Your past posts will remain visible to anyone tagged in them, and their friends.
What for: So your stories are visible only to those for whom they are intended.
Other Facebook users can see your stories and share them with their friends. So your personal information might become available to outsiders, and details from stories could be exploited by attackers.
To limit access to stories:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- In the Audience and visibility section, go to Stories;
- Tap Story privacy and select a group of users who will be able to view your stories:
- Friends;
- Custom;
- Hide story from...;
- Go back to the Stories section and select Sharing options;
- Under Allow others to share your public stories to their own story? and Allow people to share your stories if you mention them?, select the Don't allow option.
To limit the visibility of a story when posting it:
- After you select a photo or video for your story, tap Privacy in the lower left corner of the screen;
- Select a group of users who will be able to view your story;
- Tap Save.
To limit the visibility of a story already posted:
- Select Your story at the top of your news feed;
- Tap the three dots in the upper right corner of the screen;
- Select Edit story privacy;
- Select a group of users who will be able to view your story;
- Tap Save and confirm.
How to prevent your personal data from being exposed
open allWhat for: To protect yourself from spammers and other shady people.
Cybercriminals can use information from your profile to do all kinds of unpleasant things. For example, they can bombard your phone with spam calls or text messages. Also, contacts from your social network profile, in combination with certain publicly available information about your life, can be a treasure trove for criminals aiming to defraud you financially. Detailed information about your job or interests helps them contrive persuasive stories.
By default, your phone number is visible to all of your friends. Friends of friends can see your date of birth. Information about your city, place of work or study is publicly available.
To hide this information:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- In the Audience and visibility section, go to Profile information;
- Set each of the items to Only me, and the information will not be visible to anyone except you.
After configuration, you can see how your profile looks to other users:
- Tap the menu icon in the lower right corner of the app;
- Under your name select See your profile;
- Tap the button with three dots under your profile image and select View As.
Downside: Your friends may have trouble locating your Facebook profile or contacting you by phone.
How to get rid of unwanted notifications
open allWhat for: To avoid distractions.
By default, Facebook sends you notifications about all activities on the social network, including requests from apps, games, and nearby hangouts. If some notifications distract you, disable or mute them.
To manage the notifications:
- Tap the menu icon in the lower right corner of the app;
- Tap the cogwheel in the upper right corner;
- In the Preferences section, go to Notifications;
- Select those notifications in the list that you do not wish to receive;
- Disable the Allow notifications on Facebook option and confirm:
- For some types of events, you cannot turn off all notifications with one tap. In this case disable the Push, Email and SMS options individually.