How to protect your Facebook account

With so much personal data contained in your Facebook profile, you should definitely not take a light approach when it comes to protecting your account. The good news is that by taking a few relatively simple steps, users can reduce the risk posed by Facebook security threats. This article explains how to protect your Facebook account to ensure that the account and all its information is well protected.

Smart password management

Creating a strong and unique password is perhaps the first step in securing your Facebook account. However, some experts find it important to regularly update social media passwords to keep hackers at bay. Consequently, you should know how to change your Facebook password.

On computer

• Open Facebook in a browser on your computer.
• Click the down arrow in the top right corner and select "Settings and Privacy" from the menu that appears.
• Go to settings.
• From the left side of the display, select "Security & Login".
• Tap "Change password".
• Enter your current and new passwords twice. Click "Save Changes" below to continue.

From mobile app

1. Open the Facebook app on your mobile device.
2. Tap the hamburger menu in the top right corner of the display.
3. Click on "Settings and Privacy" at the bottom.
4. Select "Settings".
5. Tap "Password & Security" at the top.
6. Select "Change password".
7. Type your current and new passwords twice, then tap "Update Password".

You can change your password even when you are not logged in to your account. You will need to log into the page and use your email or mobile number to identify your account.

Once your account is located, you can have Facebook send you the code to reset your password via your Google account.

Additional safety tips

Making sure your password information isn't readily available to third parties is also an important part of keeping your Facebook secure. To this end, we recommend that you do not use your Facebook password anywhere else online or share it with other people.

Make your password difficult to guess, so don't include things like your name, date of birth, or other common information. Also, if you are known to keep a record of your passwords, take precautions and keep them in a secure folder on your PC or notebook that is kept in a private location to prevent others from tripping over this information. Saving your passwords in an encrypted password manager is obviously ideal.

In addition to the fear of curious people finding or guessing your password, users also have phishing problems to worry about. To this end, you should never share your login information, either with other people directly or with websites that ask you to login with your email and password through email or other types of communications. To avoid scams, always check the website URL before entering your login information. Legitimate emails from Facebook related to your account always come from fb.com, facebook.com or facebookmail.com.

Configure two-factor authentication

Two-factor authentication (2FA) is a security measure that adds an extra layer of protection to your account, so even if someone knows your password, they won't be able to log into your Facebook account, unless is able to provide a second verification of identity. This usually comes in the form of a code that is sent to your cell phone via an SMS or an authentication app such as.

When it comes to Facebook, you have not one but three options when it comes to adding an additional security method when you log into your account. Here's how to enable two-factor authentication (2FA) for your Facebook account.

desktop">desktop">desktop">desktop">desktop">desktop">desktop">desktop

To enable 2FA via Facebook on your computer, follow these steps:

• Go to “Security and Login” as shown above.
• Click on "Use two-factor authentication",
• Here you have three options to choose from: a) authentication app b) text message (SMS) and c) security key. Facebook recommends opting for an authentication app for added security. For the purpose of this tutorial, we are following this advice.
• Facebook will display a QR code and an alphanumeric code.
• Go back to your phone and install the authentication app, if you haven't already. Open the app and select the “Scan a QR code” option. Alternatively, you can also enter the configuration key, but the first option is more convenient. Use your phone to scan the QR code.
• An “Account Added” page will open on your phone with the code displayed below. Press "Add Account".
• On your PC, press "Continue".
• Enter the verification code from the app.
• Enter your Facebook account password.
• Congratulations, your two-factor authentication is now active.

Authorized Access

Facebook keeps track of your logins and keeps a list of where you logged in the most. The app recognizes these logins as safe, but you may disagree. Please check this list and decide whether to include certain devices / browsers. This is an important security aspect that should not be overlooked, as Facebook allows you to log into these devices without a passcode. Here's how to view the list:

• Go to "Security and access".
• In the “Two-Factor Authentication” section, click “Authorized logins”.
• This should bring up the above-mentioned list. You can tick the devices you want to remove from the list.
• Click "Remove" to delete them.

Mobile

On mobile devices, the process of enabling two-factor authentication is relatively similar. Again, make sure you have an authentication app installed on your device before starting the process to make sure it runs as smoothly as possible.

• In the mobile app, open the “Passwords and security” section as explained above.
• Find the “Two-Factor Authentication” section and tap the “Use Two-Factor Authentication” option.
• Select your preferred method (we opted for the authentication app again) and tap the "Continue" button below.
• Facebook will generate the QR code and the written code. If you have installed both Facebook and the Authenticator app on the same device, press the "Configure on the same device" option, then "Continue".
• The authentication app will detect your Facebook account and add it. Press "Ok".
• You will be able to see the confirmation code in the authentication app. Press and hold on it to copy it to your device's clipboard.
• Go back to the Facebook app and paste the code. Press "Continue".
• You will be notified that 2FA is now active. Press "Done".

If you later change your mind about 2FA, you can easily disable the feature by following the steps above to disable it.

Authorized logins

• On mobile devices, you can also review and remove devices that you don't want to be authorized for direct access. Tap the "Authorized Logins" option under "Two-Factor Authentication".
• From there you can remove devices by tapping the "X" button.

Use a one-time password to log in

When it comes to logins, Facebook offers you another security option. You can log into your Facebook account using a one-time password. You can use this option whenever you are not comfortable logging in with your real credentials, for example in a public space such as a library, hotel, etc. Note that this option will not work if you have two-factor authentication enabled.

Also, you will need to have "Facebook Texts" set up before trying to do this by going to "Settings -> Cellular" and adding your phone.

Set alerts for unauthorized access

Even with 2FA authentication enabled for your account, you may still find that an additional layer of security is required. If so, be aware that you can choose to add login alerts. These will let you know when someone tries to log in from an unrecognized device or web browser by giving you information about the device they attempted to log in and its location. Follow the instructions below to enable alerts for your account.

desktop">desktop">desktop">desktop">desktop">desktop">desktop">desktop

• Go to the “Security and Access” section as we showed you in the previous sections.
• Find the “Setting up additional security” section and click on the “Receive alerts on unrecognized logins” option to enable the feature.
• Once the feature is enabled, click Edit next to the option and select how you want to receive login alerts. You can choose to receive them as an in-app notification or via Messenger, although this feature will soon be retired in favor of the former. The third choice is to receive the notice via your email.
• Click "Save Changes" once you have made your choice.

When the login alerts start raining, Facebook will ask you to approve each login activity by clicking or tapping "I did it". If you don't recognize the activity, click "It wasn't me" and Facebook will help you reset your password and protect your account.

Mobile

• Go back to the “Passwords & Security” section on your mobile device using the previous steps.
• Under “Setting up additional security”, tap “Receive alerts about unrecognized logins”.
• Select how you want to receive these access alerts.

That's all. Facebook will send you a warning whenever you or someone else tries to log in from an unrecognized device or browser.

Search for suspicious devices

In correlation with setting up login alerts, you should be aware of which devices and browsers you use. Facebook will send you alerts containing information, such as your device name and location. Keeping track of all the devices you've recently used to log in can help you uncover any suspicious activity.

You can cross-reference your memories with the Facebook list that records where you logged in. Here's how to access it:

desktop">desktop">desktop">desktop">desktop">desktop">desktop">desktop

• Under "Security and Login" you should find "Where are you logged in". Tap See More to see a full list of where you recently signed in.
• Once you've found a suspicious device or location (for example, if you've never logged in with your Facebook account on a Linux device), tap the three dots next to the item and select "Isn't that you?" option. Alternatively, you can choose to log out remotely from this device.
• If you want to make sure you haven't forgotten to log out of your account on a particular device, scroll down to the bottom and click "Log out of all sessions".

Mobile

• On your mobile device, you can find the same information by going to “Passwords and security” and tapping the “See all” button in the “Where are you signed in” section.
• Tap the three dots next to a suspicious entry and select the “Secure account” option to reset your password. Alternatively, you can press "Exit".
• You can also scroll to the bottom and click on “Exit all sessions”.

Monitor linked apps and websites

Many apps and websites give you the ability to log in with your Facebook credentials. While this may sound tempting for convenience, we strongly advise against it, as we often tend to forget to revoke Facebook access once permissions have been granted.

If you have done this in the past, don't worry, as you can now remove access from these apps. We show you how below.

desktop">desktop">desktop">desktop">desktop">desktop">desktop">desktop

• From the Settings panel on the left side of the display, scroll down until you find "Apps & Websites".
• You will be shown a list of all the apps you have logged into using your Facebook credentials.
• If you are curious about what Facebook information is / has been shared with the app, you can click on the "View and Edit" button next to the entry. Alternatively, you can simply hit the "Remove" button.
• If you chose "Remove", you will be asked to choose whether you want Facebook to delete any information the app may have posted to your journal. You can also authorize Facebook to notify the app that your login connection has been removed. Finally, hit "Remove" again.

Mobile

• On your mobile device, open “Settings and privacy” from the app.
• Scroll down to the Permissions section and tap “Apps & Websites.
• Tap an app you want to remove.
• Tap "Remove". If, on the other hand, the login has expired and you wish to continue the session, you can select the "Renew" button.
• If you selected the first option, you will be presented with the same two options as above. Make your selection and press “Remove” once more.

Install an extension / add-on

Browser extensions or add-ons can also help boost Facebook security, such as the add-on, which essentially isolates your Facebook identity from the rest of the web. With the built-in extension, Facebook cookies and site data that they help identify "you" will only be available in that container and only the social site can be opened in that container.

This means that you will no longer be tempted to log in with your Facebook credentials and your Facebook login information will be limited to the specific container.

Chrome users concerned about phishing attacks can try the extension. Once installed, the extension will block fake Facebook login pages, thus preventing you from falling victim to scams. It also includes a “Facebook Security Test” feature, which shows you the vulnerabilities in your account and gives you direct links to resolve unsafe situations.

Run a quick security check

If you don't want to install an extension, Facebook can run its own security check. From "Security and Login" (or "Password and Security if you are on a mobile device), click" Check important security settings "and Facebook will show you how to protect your account and notify you of any problems.

It's an easy way to know if you've taken the right steps to secure your account, and it only takes a few seconds.