Facebook grew in the past years to become the largest online social network in the world.

It spread so much that even our parents, neighbors and distant relatives, even from remote areas of the country, now constantly use it.

It’s the place where everybody is active, from friends, family, work colleagues, old school friends to politicians, law enforcement departments and strangers who simply decided to add us as their friends.

The problems appear when the distinction between public and private space become blurred. Without a clear understanding of our security and privacy settings, we may end up victims to identity theft, phishing attacks or other malicious actions.

Where do we stand when it comes to our private and public persona?

Is there a way to be out there with everybody and, in the same time, keep the sensitive information as safe as possible?

How do we enhance our privacy on the biggest network of the moment?

Let’s find out:

Facebook News Feed

Here’s how to tweak your Facebook’s account Security Settings

Start by accessing your Facebook account settings.

To do this, log into your Facebook account and go to the top right corner of the screen and select “Settings” from the drop-down menu.

We’ll take each section and discuss it separately before we continue to the next one, as they appear in the Settings menu.

1. General Account Settings

After you click on the Settings button, it will take you to the General Account Settings.

From there you’ll be able to reset your Facebook password. With the risk of sounding like an annoying parent, we just have to repeat why it’s important to set a strong and unique password:

Strong: so that nobody with malicious intentions will be able to guess it.

That means no easy and common passwords, no family names (your cat counts as a family member), no nicknames, no birth dates, no favorite songs or movies or mottos, no nothing that can easily be found out about you.

Unique: because in case that one of your accounts is breached, all your other accounts where you used the same password will end up compromised. It doesn’t even have to be your fault.

You might have heard of the recent mega breach that compromised more than 600 million social profiles (and if you didn’t get the chance, here are all the scary details).

After you’ve set up the password, you’ll need to activate the Two-Factor Authentication as a second layer of protection, but we’ll get back to this matter later.

Facebook - General Account Settings (Change Password and Download your Data)

Ok, back to the General Account Settings. From the same location you can also download a copy of your Facebook data.

This includes your Timeline info, shared posts, messages, photos, ads you have clicked on, the IP addresses where you’ve logged into your account, and more.

2. Security Settings

We continue to the Security Settings.

From here you’re able to set:

Facebook - Security Settings

Login Alerts

This option allows you to receive Text and Email messages whenever your account is accessed from a new computer or mobile device. This one’s extremely useful in case someone else tries to access your account.

Activate this option and use it together with the following one.

Facebook - Security Settings - Login Alerts

Login Approvals

Login approvals” is the name given by Facebook to Two-Factor Authentication.

By activating this option, the network will require you to authenticate with a second security code every time you’ll want to access your account on a new browser or device.

This works as a second layer of protection, besides your password. The second pass code will be a unique, time sensitive one, much harder to get breached.

You have three options:

  • A security code sent by SMS to your mobile device;
  • Generate a security code using Code Generator from your Facebook mobile app;
  • 10 pre-generated codes that you can print on a piece of paper and use them whenever your phone network isn’t available.

I just have to add that this is one of the most efficient ways to secure your account, so please activate it now. Hopefully, Facebook will activate it and make it default for everybody real soon.

Facebook - Security Settings - Login Approvals

Code Generator

Use this option together with Login Approvals to create new authentication codes. You’ll use these to access your Facebook account from a new device.

App Passwords

This option helps you create single use passwords in order to access third-party apps on Facebook and keep your main password safe.

When you’ll log out of the app, the password will not be saved. To access the app again, you’ll need to generate a new, single use password.

Trusted Contacts

From this place you’ll select your close friends that will help you in case you ever have trouble accessing your Facebook account.

Your Browsers and Apps

This is where you can review the web browsers and apps you saved in order to access your Facebook account without confirming your identity.
If you don’t recognize or you don’t use one of them anymore (a former workplace or sold mobile phone, for example), disconnect it from here.

Where You’re Logged In

Use it together with the “Trusted Browsers” feature. Review your logged-in status from here and end activity for any device or place that you don’t recognize.

Facebook - Security Settings - Login Locations (Where You're Logged In From)

Deactivate Your Account

In case you ever grow tired of Facebook, from this place you can choose to temporarily deactivate your account.

Some information will still be available to others, such as your name in their friends list, or the messages you exchanged.

You should know that this option doesn’t permanently delete your account and you’ll be able to reactivate it at any time you want.

However, if you’re serious and you want to permanently delete your account, you can do that from here. Keep in mind that it may take up to 90 days before the deletion process begins. You might also want to consider downloading an archive of your data beforehand.

3. Privacy Settings

The next area that you need to access is the Privacy Settings and Tools one. From here you’ll be able to tweak basic privacy settings and make sure that your past and future posts won’t be seen by intruders.

Facebook - Privacy Settings and Tools

Who can see my stuff?

From here you can control the privacy of future posts. Select the appropriate audience for your future posts, you can share them with:

  • Public (if you want everybody to see them)
  • Friends
  • Friends with Acquaintances
  • Only Me
  • Custom Audience (if you use Friends Lists)

It’s recommended that you set the default sharing option to Friends. Unless you manually change it, Facebook will remember this option and post all your future statuses as only available to your Friends.

From the same location you can also review your activity by using the Activity Log.

Keep in mind that even if you choose to hide a post or photo from your Timeline, the post or photo will still be uploaded online. From there on, you can either choose to Remove Tag or even Request the post to be deleted.

And one last feature available in this section: “Limit the Audience for Old Posts on Your Timeline” – guess this is pretty much self-explanatory, right? By using this tool, all the audience for the content from your timeline will be changed.

Who can contact me?

From here you can choose who’s able to send you friend requests.

If you want to be added as a friend by anyone in the world, even if you don’t have any connections in common, you need to set this option to Everyone.

slow computer

Who can look me up?

In this place you can choose if you want people to find you using your email address or phone number.

From here you can also select if you want search engines, such as Google or Bing, to index your profile and link to it. If you deactivate this setting, your profile will be found only by people searching for your name directly on Facebook.

4. Timeline and Tagging Settings

Next in line: Timeline and Tagging Settings. This place allows you to set other privacy settings, such as who can post to your timeline, timeline visibility and tagging.

We’ll discuss each separately.

Who can add things to my timeline?

This one is pretty straight forward. You can choose who can post on your timeline – if you also hate birthday wishes from unknown people who choose to post on your timeline, select “Only Me” instead of “Friends”.

From here you can also choose to review the posts you were tagged in by your friends before they appear on your timeline. Enable this option to keep spammy or phishy posts away.

Don’t forget that these posts will remain online and still appear in Facebook’s search or news feed. You’ll have to manually remove each tag or even ask the friends who uploaded them to delete them.

Facebook - Timeline and Tagging Settings

Who can see things on my timeline?

This option will help you review what other people see when they look over your profile.

From here you’ll be able to see how your Timeline looks like to the public (to users who aren’t connected to you in any way), to your Friends or even to a specific person.

You can use this last feature in case you ever choose to hide a post from specific people and you want to see how it looks like when they look over your profile. Let’s say that you want to throw a birthday surprise party for your dad: in this case, you can write a post where you announce the event. Before you post it, you can choose to share the post with a Custom Audience (a specific list of Friends), specific Friends (if you want to manually add their names) or NOT share it with specific Friends (anyone you include here won’t be able to see that post unless you tag them).

From here you can also select who can see posts you’ve been tagged in on your timeline and who can see what others post on your timeline.

Permanently connected online

How can I manage tags people add and tagging suggestions?

If you activate the option to “Review tags people add to your own posts before they appear on Facebook”, you’ll be able to check and approve those tags. This way, when someone adds a tag to one of your posts, you’ll be asked to review it before they appear on Facebook.This is an option for tags added by friends. If someone who’s not your Facebook friend will add a tag to one of your posts, you’ll always be asked to review it.

Another setting from here: when you’re tagged in a post, who do you want to add to the audience if they aren’t already in it? Choose “Friends” if you want them to see the post you were tagged in, “Only Me” if you don’t want your friends to see it, or you can create a custom audience.

5. Blocking

From the Blocking tab you can restrict the way in which other Facebook users, apps or pages interact with you.

Here’s what exactly you can set from here:

Restricted List

This option is probably extremely popular among kids who don’t want their parents to see what they post, but they still want them to be friends on Facebook.

Here’s how it works: if you want to restrict a friend from seeing anything that you post, you add them to this list. They’ll still be able to see your public posts, those where you are both tagged in or where a mutual friend was tagged in, but that’s it.

Facebook won’t notify them when you add them to this list, so they won’t know. 😉

Keep out

Block users, app invites, event invites

In case you want to get rid of annoying users, games or events, this is the place to go.

From here you’ll be able to:

  • Block users that you don’t want them to see your Facebook profile, add you as a friend, see what you comment on other profiles or pages or send you any kind of invitations (events or groups).
  • Block someone from sending you messages and video calls. Yes, this one’s separate from the first option. Unless you also block their profile, they’ll still be able to post on your Timeline, tag you, and comment on your posts.
  • Block those annoying game invitations (hit ‘em hard!).
  • Block a page – they won’t be able to interact with you anymore, with your posts or like or reply to your comments. If you currently like that page, by blocking it you will unlike it and unfollow it.
  • Block any other kinds of app invites from someone.
  • Block event invites from someone – this way, you’ll automatically ignore future event requests from that friend. Use this for those PR people from your list, who try to exploit you by sending you all kind of irrelevant event invites.

6. Mobile

From the Mobile section you can enter your mobile phone number (or numbers). You’ll use it when you activate Login Approvals and need to receive the unique code for the second factor authentication.

Here’s also the place where you can activate text messaging from. Facebook Texts are not currently supported by all countries or mobile service providers, but you’ll have a list here.

Facebook - Mobile settings

7. Follower Settings

The Follower tab also has a few important privacy settings, from here you can:

  • Choose who can follow you. Friends follow you and your posts by default, once you add them to your friends list, but you can also allow people who are not your friends to follow your public posts.
  • Choose who can comment on your public posts. In case you want to somehow keep weird users away (or at least not have them interact with you and your friends).

Facebook - Follower Settings

8. Apps

This one is among the most important privacy settings for your Facebook account.

The Apps section shows you what third-party apps you connected in the past, such as:

  • Games;
  • Other social media apps (Instagram, for example);
  • Other social media websites (Medium, for example);
  • Any other kind of apps or websites where you connected with your Facebook account.

Keep in mind that all these external apps can access all the tons of data collected by Facebook about us.

Review what permissions you gave to each of those apps and if they are allowed to post on Facebook on your behalf (and to what audience).

Decline any kind of intrusive apps and permissions allowed in the past. Disconnect any apps that you don’t remember giving them access or you don’t use anymore. All those are potential vulnerabilities to your security and privacy.

For more details on how to master app permissions, you can read the security guide from my colleague, Andra.

Facebook - App Settings

9. Ads

Do you want to allow third party sites access to your personal information? Do you want Facebook telling your friends what you like? If you want to opt-out from these two options, simply select “No” or “No one” to these options.

iPhone 5s

A few more tips and tricks to enhance your Facebook security & privacy

  • Stop accepting friend requests from people you don’t know.
  • You may be targeted by online scammers who want to collect data about users by creating fake Facebook profiles.

    Also, if you ever have enough time, do a clean-up of your friends list and remove anybody you don’t know or never interacted with.

    If you have way too many friends, you can also try this technique: every day look at the birthdays and remove anyone you have no idea who they are. Instead of wishing them a happy birthday. 🙂

  • Do not disclose your password to any of your friends or work colleagues.
  • Trust me, you’ll regret it.

    Even if they are your best friends now and you can’t imagine your life without them, you never know how your relationship is going to evolve.

    All that information can end up being used against you (seen that happen way too many times by vengeful ex employees, ex lovers or friends who felt betrayed).

  • Keep your browser updated.
  • This also goes for your plugins and add-ons, but also your operating system.

    Keep them patched and up to date, in order to close all the security holes. It will help you reduce the chances of a cyber attack that exploits those vulnerabilities.

  • Use good cyber security software.
  • A multi-layered security system will help you keep cyber attackers away.

    Start by installing a good, trustworthy antivirus (if you don’t already have such a thing).

    You can also enforce your security system with a traffic filtering software that works in a proactive way and blocks second generation malware (such as ransomware attacks). And yes, Heimdal is that kind of a software.

  • Watch out for phishing attacks.
  • Pay attention to the various messages you receive from users asking for your personal data.

  • Be careful for social scams.
  • Follow the previous link for a guide that exposes them and also gives tips on how to stay safe.

  • Limit the connections to free, public wi-fi networks.
  • You can easily be tracked when you connect to one of those networks, so try to stay away from them as much as possible. However, if you do have to connect, try working through a VPN.
    More tips here.

  • Don’t forget to log out of your Facebook account.
  • In case you have to connect to Facebook from a different computer, one normally used by other persons, don’t forget to log out of your account at the end of the session.



    When a website becomes popular, you can bet that scammers will be there, somehow trying to take advantage of it. Facebook is no exception to that, as it is the most popular social network in the world.

    The Facebook team works hard to keep you safe and secure, but they can’t control anything.

    Contribute actively to the community.

    Seen any scams or phishing attempts? Don’t let them pass unreported.

    Noticed anything weird? Report it.

    Spotted a copyright infringement? Please do contact the Facebook support team and let them know.

    We would also like to know what are the main security and privacy issues you encountered on Facebook so far.

    Please comment below and we’ll try to help you as much as we are able to (or at least redirect you to someone else who can help you out with your issue).

    * This article was initially written and published by Aurelian Neagu, in October 2014, and brought up to date by Cristina Chipurici, in June 2016.

    linkedin security
    2016.06.08 INTERMEDIATE READ

    Follow These 10 Easy Steps to Enhance your LinkedIn Security and Privacy [Updated]

    twitter security
    2016.06.01 INTERMEDIATE READ

    Twitter Security Tips: How to Improve your Security and Privacy in 10 Easy Steps [Updated]

    instagram security
    2016.05.10 INTERMEDIATE READ

    The Essential Guide to Secure Your Instagram Account [Updated]


    Open group post – I viewed the group, but I am not a member. All the posts did not show I had “seen” the post except when the posts got to April 2016. All posts from April 2016 and before showed I had viewed each post simply because I had looked at the group. IS THERE ANY WAY TO remove my name from “seen by” in those posts?

    Thank you for this. Users can easily change facebook privacy setting according to their choice. “Privacy and security” setting is used for various purposes.For more help you can visit here. It will help you to manage your facebook settings

    love your article.. its one of my main references in my assignment.. thank you

    Great Article. I had my blog hacked a few months back (because of my own laxness with security) generally speaking it is something that most people will not let themselves go through twice.
    Dealing with it -after- is like shutting the proverbial barn door after the horses are out.
    I hope the people reading this take it seriously BEFORE they have a reason to take action.

    Good day…..the to where codes for 2 verification does not come to the designated cell no. Where can I access it to to change the no as I am of the opinion that I have been hacked. This is urgent. Thanks please assist.

    Hi Eric! The best way is to get in touch with the support team from the service you’re having issues with. They’re the most likely to help you in a timely manner. Or you can use alternative authentication options provided by the service. I hope everything works out!

    Someone has recently copied my facebook profile! Please advise how I report it and have the second bogus account closed as I did not create it.
    The privacy setting guide was very helpful – thank you.

    my husband is a very rich and welding man.will make the money together few month later,he started hooking up with bad friends .on my noted he was having an affair with another woman .the family lawyer call me an asked me if me and my husband had a miss-understanding ,because my husband has change the name writing on the wile.he took everything we have to the his girlfriend ,meaning that i don’t have any share in the family.i was frustrated and discourage.until a friend of my advice me to visit a spell caster so that all my problems will been solve within 48 hours then i contacted the spell caster she introduce to me.dr ogun spellcaster,drogun promise that every thing will been alright.few weeks later my husband came back home ,on his kneels begging,asking me forgive and forget about the past and face the future ahead.right now i am in full control of my husband access.a big thants to dr ogun who bring back my husband .if you have same problem kindly contact dr. ogun in his via

    Wow what an article!!! As the popularity of Facebook is now at the top of all social media it has really build a strong security system. A Facebook profile is one of the greatest media to reach people worldwide. I have never go in so deep in Facebook’s security system. Thanks for the detailed information about Facebook security.

    Leave a Reply

    Your email address will not be published. Required fields are marked *

    182 queries in 1.371 seconds