Facebook creates the illusion that we are sharing posts and photos in a safe space, among friends and family. But in reality, if we're not careful, outsiders can swipe our personal info to gain access to our email, banking, and credit card accounts; to steal our identities; or even to spam and scam our friends. Follow these five steps to secure your sensitive info on Facebook.
Create strong passwords
Create a password that's hard to decipher and that you use only on Facebook. Don't share it with anyone. If you think someone might have it, change it. Tap More on your phone (bottom right on iOS and upper right on Android), then Account Settings, General, and Password. On your desktop, head to Settings from the main menu, and under General Account Settings, click Password and Edit, then follow the prompts. Check out our guide for creating strong passwords.
As an added precaution, Facebook offers a more secure two-step verification option called Login Approvals. This feature forces you to log in with two pieces of information: your password and a code sent to your phone. On your mobile device, go to More, Account Settings, Security Settings. Click Login Approvals On, and you'll be walked through the setup process. On your desktop, head to Settings, Security, and Login Approvals to begin setup. Learn more about two-step verification.
If you forget your password, the Trusted Contacts feature enables your friends to help you get back into your account. On your mobile device, go to More, Account Settings, Security Settings, then Trusted Contacts, and tap Add Friends to zip through the painless process. On your desktop, tap Settings, Security, and Trusted Contacts to start the process. Add three to five friends for Facebook to entrust with a code that your contacts can then send to you to get back into your account.
Always log out
If you're logged in to Facebook from multiple devices and haven't logged off, then these sessions are still active, and anyone who happens upon them has access to your page and your data. Go to More on your mobile device, then Account Settings, Security Settings, and Active Sessions, and tap the X next to any session you want to end. On your desktop, go to Settings, Security, and Where You're Logged In to make changes. The better practice is to always log out, especially if you're on a shared device. Logout is under More on your mobile device or in the main menu on your desktop.
Report spam and avoid phishing
Don't open posts, messages, games, or friend requests that appear suspicious. For example, if the post allegedly comes from a friend but asks for help or money or promoting a free prize, don't click but do be a good Samaritan and tap the arrow in the top right corner of the post to report it. Tap Report This Post, and then It's Spam. If you get an email asking for your Facebook info, don't click it. It's phishing, a scam to grab your information.
Turn on Login Alerts
As a pre-emptive strike against hackers, turn on Login Alerts to get notified if anyone's logged into your account from a new phone, tablet, or computer. On your mobile device, go to More, Account Settings, Security Settings, then Login Alerts, and choose whether you'd like to receive your alert on Facebook or by email or text. On your desktop, go to Settings, then Security. If someone else has logged in, let Facebook know and it'll secure your account by changing your password and reviewing recent posts to ensure you made them.
If your account's been hacked, click Need Help? on your mobile device's log-in screen, then tap Help Center, Login & Password, and select the topic "I think my account has been hacked or someone is using it without my permission." You'll be taken through the steps to change your password and review all recent posts to ensure that they were made by you. If any weren't, report them for deletion.
From your desktop, open the Main Menu, tap Help, then Visit the Help Center, Security, Hacked Accounts, and "I think my account was hacked or someone is using it without my permission." Facebook will then help you secure the account.
Perform a Security Checkup
Take advantage of Facebook's new Security Checkup feature on your desktop. This quick and easy diagnostic alerts you to three potential holes in your security: whether you're logged in to any unused apps, have Login Alerts set up, and/or have a weak password. It also helps you swiftly handle any of these security threats.