22 Tips to Protect Your Facebook Account from Hackers
This article was co-authored by Luigi Oppido and by wikiHow staff writer, Darlene Antonelli, MA. Luigi Oppido is the Owner and Operator of Pleasure Point Computers in Santa Cruz, California. Luigi has over 25 years of experience in general computer repair, data recovery, virus removal, and upgrades. He is also the host of the Computer Man Show! broadcasted on KSQD covering central California for over two years.
There are 8 references cited in this article, which can be found at the bottom of the page.
For many of us, Facebook is part of everyday life. It’s where we interact with friends and colleagues, follow our favorite celebrities, and stay on top of the latest news. Many of us see Facebook as an extension of ourselves, which is why having your Facebook account hacked can be more than just humiliating. A hacked Facebook account can damage your reputation, expose private information, or even cost you money. If you suspect that your Facebook account has been hacked, the first thing to do is change your password. This wikiHow article teaches you tips and tricks for boosting the security of your Facebook account.
Things You Should Know
- There are plenty of things you can do to protect your Facebook account and prevent it from being hacked, like making a secure password.
- Use Facebook's security features to check your activity on the social media site and make sure there aren't unknown logins.
- Don't click links in emails that claim to be from Facebook and don't give away your login information if you're asked for it.
Steps
-
Choose a password that will be hard for hackers to guess. Your Facebook password should be difficult to guess, yet easy for you to remember. [1] Avoid including your name, birthdate, pets, or common words in your password.
- The longer the password, the more difficult it will be for others to crack. One way to create a strong password is to think of a long phrase or series of words that you can remember, but that nobody would ever guess.
- Always include numbers, a mix of upper- and lower-case letters, and symbols in your passwords. Aim for at least 10 characters.
- Try making an acronym out of a memorable sentence or song lyrics. For example, "I'm gonna take my horse to the old town road" could be iGTMhtthotR9! Who would guess that?
-
Do not use your Facebook password on any other website or app. You should have a different password for every service you use. [2] For example, let's say you use the same password for Facebook as you do for TikTok. If your TikTok is hacked, the hacker can also gain access to your Facebook account.
-
Use a password manager. As you create more strong and unique passwords, it will be difficult to remember them all. There are many good password managers available that will encrypt and safely store your passwords so you only have to remember one master password. [3] Some popular options are LastPass, Dashlane, and 1Password.
- You might even have a password manager built into your operating system. For example, if you have a Mac, iPhone, or iPad, you can use the iCloud Keychain for free.
- If you're using a browser that saves your passwords, such as Google Chrome, you'll be required to enter a master password to see them in plain text. In the case of Chrome, you'll have to enter your Google password. If it's Microsoft Edge and you're using Windows 10, you'll have to confirm your default sign-in password or PIN.
-
Change your password once every 6 months. This goes for all your passwords, not just Facebook. Set a reminder on your calendar if it's difficult to remember.
-
Only log in on trusted computers. If you are using a computer that you don’t know or trust, avoid doing anything that requires you to enter your password. Hackers commonly use keyloggers on computer systems that record everything you type, including passwords.
- If you must log in on a computer you don't trust, you can request a one-time password from Facebook in some regions as long as your phone number is already linked to your account. [4] To do this, send a text message to 32665 (if you're not in the US, see this list for your number) containing the letters otp. As long as your mobile phone is linked to Facebook, you'll receive a 6-digit temporary passcode you can use in the "Password" blank to sign in.
- If it’s not possible for you to use a one-time password and you absolutely must sign in, change your Facebook password as soon as you're back at your own computer, phone, or tablet.
- Avoid using the “remember password” feature on computers other than your own. If you sign in to Facebook on a public computer (or even at a friend's house), you may see a “remember password” prompt that asks if you'd like to save the password. Choose the Not Now (or similar) option, or else other users of that computer can gain access to your account.
-
Set up Login Alerts. Login Alerts send you an alert (Facebook notification, email, and/or text message) when someone logs into your account from an unrecognized location. If you get a login alert and you weren't the one that logged in, click or tap the This wasn't me link to recover your account immediately. Here's how to set up Login Alerts:
- On a computer:
  - Go to https://www.facebook.com/settings?tab=security.
  - Click Edit next to "Get alerts about unrecognized logins."
  - Choose how to receive notifications and click Save Changes.
- On a phone or tablet:
  - Open the Facebook app and tap the menu (the three horizontal lines).
  - Scroll down and tap Settings & privacy.
  - Tap Settings.
  - Tap Security and Login.
  - Tap Get alerts about unrecognized logins.
  - Choose how you want to receive alerts.
-
Two-factor authentication makes it harder for hackers to log in. Two-factor authentication gives your account an extra level of security by requesting a security code when you log in from an unknown browser. You can choose to receive this code via SMS text message or using an authentication app like Google Authenticator. After setting up two-factor authentication, you'll be given options for recovering your account in case you lose access to your second device (your phone).
- On a computer:
  - Go to https://www.facebook.com/settings?tab=security.
  - Click Edit next to "Use two-factor authentication."
  - Select Use Text Message to receive codes via SMS (most common), and follow the on-screen instructions.
  - Select Use Authentication App to use an authentication app like Duo or Google Authenticator, and follow the on-screen instructions.
- Using a phone or tablet:
  - Open the Facebook app and tap the menu (the three horizontal lines).
  - Navigate to Settings & Privacy > Settings.
  - Tap Security and Login.
  - Tap Use two-factor authentication.
  - Tap Use Text Message to receive codes via SMS (most common), and follow the on-screen instructions.
  - Tap Use Authentication App to use an authentication app like Duo or Google Authenticator, and follow the on-screen instructions.
EXPERT TIP from Brandon Phipps, Technology Specialist. Brandon Phipps is a Technology Specialist based in Bakersfield, CA. He is the owner of Second Star Technologies and specializes in Managed IT Services for small and mid-sized businesses in Bakersfield, CA. With over 23 years of experience, he offers expert cloud computing, cybersecurity, and network management solutions. Brandon is a committed community member and coach who leads and innovates in tech and sports coaching. His dedication to local businesses and communities is evident in his hands-on, tailored approach to IT solutions.
"Enable two-factor authentication on all your digital accounts. That applies to all your personal accounts, business accounts, finances, client information, and productivity apps. Two-factor authentication protects your sensitive data from unauthorized parties and reduces the risk of security breaches."
-
See where you're logged in (and log yourself out remotely). The “Where You’re Logged In” section tells you which devices are currently signed in to your Facebook account. If you think someone is using your account, or that you left yourself logged in somewhere else (like at work or on a friend's computer), you can use it to sign yourself out remotely.
- Using a computer:
  - Go to https://www.facebook.com/settings?tab=security. This shows you a list of currently signed-in locations near the top of the page.
  - Click See more to expand the list (if given the option).
  - To sign out of a session, click the three vertical dots and select Log Out. Or, if the session is not you (if you think you've been hacked), select Not You? instead and follow the on-screen instructions.
  - Click Log Out of All Sessions to sign out everywhere you're logged in.
- Using a phone or tablet:
  - Open the Facebook app and tap the menu (the three horizontal lines).
  - Navigate to Settings & Privacy > Settings > Security and Login.
  - Locate the list of currently signed-in locations.
  - Tap See all if necessary.
  - To sign out of a location, tap the three vertical dots and select Log Out. Or, if you think you've been hacked, select Not You? and follow the on-screen instructions.
  - Repeat until you're signed out everywhere you want.
-
Check the list of recent emails from Facebook. If you accidentally deleted an email that Facebook sent you, or if your email account was hacked and you’re afraid that the hacker got into your Facebook account, you can see a list of recent messages sent by Facebook.
- Using a computer:
  - Go to https://www.facebook.com/settings?tab=security.
  - Click View next to "See recent emails from Facebook". Security emails are on the first page; tap OTHER EMAILS to see different types of Facebook emails.
  - Click I didn't do this or Secure your account if necessary.
- Using a phone or tablet:
  - Open the Facebook app and tap the menu (the three horizontal lines).
  - Navigate to Settings & Privacy > Settings > Security and Login.
  - Tap See recent emails from Facebook.
  - Tap I didn't do this or Secure your account if necessary.
-
Limit who can see your posts. If you've never specifically chosen an audience for your Facebook posts, you may be sharing your information publicly. When posting to Facebook, you can click or tap the small drop-down menu above (mobile) or below (computer) the typing area to select an audience (Public, Friends, etc.). If you want to go back and limit your previous posts, here's how:
- Using a computer:
  - Go to https://www.facebook.com/settings?tab=privacy.
  - Click Edit next to "Who can see your future posts?" to control your default posting privacy.
  - Click Limit Past Posts to change all public (or friends-of-friends) posts to friends-only.
  - Click Check a few important settings at the top of the page to run a privacy checkup for more settings to change.
- Using a phone or tablet:
  - Navigate to Settings & Privacy > Settings > Privacy Settings.
  - Tap Who can see your future posts? to control your default posting privacy.
  - Tap Limit who can see past posts to change all public (or friends-of-friends) posts to friends-only.
  - Tap Check a few important settings at the top of the page to run a privacy checkup for more settings to change.
- To see what your profile looks like to other people (computer or mobile), go to your profile, click or tap the three horizontal dots (…) near the top of the page, and then select View as.
-
This advanced option protects your Facebook emails. Facebook gives you the option to have all notification emails encrypted before they are sent to you. This can only be done on Facebook's website (not the mobile app), and you'll need an OpenPGP key to get started. To do this, head over to https://www.facebook.com/settings?tab=security, scroll down and click Edit next to "Encrypted notification emails," paste your OpenPGP key into the box, add a checkmark to the box, and then click Save Changes.
- If you’re not sure how to get an OpenPGP key, there are several free web-based PGP key generators (such as https://pgptool.org/ and https://pgpkeygen.com/) that you can use to create one.
-
Make sure you're logging in on the correct website. If you're using a web browser to access Facebook, make sure the address bar actually says www.facebook.com and not something like facebook.co, face.com, or facebook1.com, etc. Phishers often choose sites that you may accidentally type into your address bar when in a hurry.
- Be especially careful when clicking links in email messages from Facebook. Scammers may send emails that look like they are from Facebook but link to rogue sites that steal your data. If you click or tap a Facebook link in an email and you see any domain name that isn't "facebook.com," do not enter your password or any other personal info.
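The address-bar check described in this step can be written as code. The following is an added example, not part of the original article: it accepts only facebook.com and its subdomains over https (an assumption made for the example), and the sample addresses, including the reserved `.example` names, are constructed.

```python
from urllib.parse import urlsplit

# Assumption for this example: only facebook.com and its subdomains are genuine.
TRUSTED = "facebook.com"


def check_login_url(url: str) -> str:
    """Classify a web address before a password is typed into the page it names."""
    try:
        parts = urlsplit(url.strip())
        # hostname drops any "user@" prefix and the port, and is lower-cased.
        host = (parts.hostname or "").rstrip(".")
    except ValueError:
        return "reject: not a valid web address"
    if parts.scheme != "https" or not host:
        return "reject: not an https web address"
    # Exact match, or a subdomain: the leading dot keeps "notfacebook.com" out.
    if host == TRUSTED or host.endswith("." + TRUSTED):
        return "ok"
    # Brand fragment, non-ASCII letters or punycode in a host that is not trusted.
    if "face" in host or not host.isascii() or "xn--" in host:
        return "reject: lookalike of facebook.com"
    return "reject: unrelated domain"


# Constructed sample addresses: the first is genuine, the next three are the
# article's own examples, and the rest show why the whole host must be read.
SAMPLES = [
    "https://www.facebook.com/login",
    "https://facebook.co/login",
    "https://face.com/",
    "https://facebook1.com/",
    "https://notfacebook.com/",
    "https://www.facebook.com.login.example/",
    "https://www.facebook.com@login.example/",
    "http://www.facebook.com/",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(f"{check_login_url(sample):36} {sample}")
```

The decisive part of the address is the end of the host name, read right to left up to the first slash; anything before an `@` or to the left of the real domain is decoration.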
-
Scammers can create fake accounts and friend people. Once they’ve friended you, they can spam your timeline, tag you in posts, send you malicious messages, and even target your friends.
- If your birthday and location are viewable by your Facebook friends and you regularly update your whereabouts, scammers might be able to use your details and updates to crack your passwords or even break into your home when they know you’re away on vacation.
- Be wary if you receive a friend request from someone you think you're already friends with. Scammers often mimic real people's profiles and try to make friends with their friends.
-
Click carefully. Your friends aren’t immune to spam. If a friend posts a suspicious link or “shocking video” or sends something strange in a message, don’t click it, even if it's from someone you know. If one of your Facebook friends clicks on a spam link, they could accidentally send it over to you. [5]
- This also goes for sketchy-looking websites, browser plug-ins and videos, and suspicious emails and notifications. If you ever receive an email asking for your password for any account that you have, do not respond. Reputable companies will never request your password over email.
-
Check your account purchases regularly. If you make purchases on Facebook, be sure to review your purchase history often. That way, if someone does manage to get into your account and spend money, you can seek help from Facebook’s Payments Support Center.
- To see your payment history on a computer, visit https://secure.facebook.com/facebook_pay/payment_history.
- If you're using a phone or tablet, tap the three horizontal lines or blue-and-white "f", tap Facebook Pay, and then scroll down to the "Payment History" section.
- To review your payment history, go to “Settings” and then click on the “Payments” tab.
-
Report questionable posts or profiles on Facebook. How you report something will depend upon what you’re reporting. [6]
- To report a profile, go to the profile you want to report, click or tap the three horizontal dots (…) near the top, select Find Support or Report Profile, and follow the on-screen instructions.
- To report a problematic post, navigate to the post, click or tap the three horizontal dots (…) near the top, select Find Support or Report Profile, and follow the on-screen instructions.
- To report a message, open the message you'd like to report in Facebook (or Messenger on a phone or tablet), click the gear or tap the person's name, and select Something's Wrong. Follow the on-screen instructions.
-
If you think someone might be a hacker, block them. If someone is harassing you, sending you multiple repeated friend requests or suspicious messages, or trying to hack you, it's best to just block them. To block someone, click or tap the three dots at the top of their profile, select Block, and follow the on-screen instructions.
- People won't be notified when they are blocked by you unless they try to view your account. Blocking people makes sure that they are removed from your friends list and trusted contacts, and also prevents them from harassing you.
-
Scan your computer for malware and viruses regularly. Malware may help hackers circumvent Facebook's security tools to get access to your account. From there, it can collect personal information, send status updates and messages that appear to be from you, or cover your account with ads that will crash your computer. [7] There are a number of free anti-malware programs available online. Facebook recommends ESET and Trend Micro as free scanning tools. [8]
- Your computer may have malware on it if you have recently tried to watch a “shocking video” via a Facebook post; if you have visited a website claiming to offer special Facebook features; or if you have downloaded a browser add-on that claims to do the impossible (for example, allowing you to change the color of your Facebook profile). [9]
- PCs and Macs have their own free version of anti-malware, so scanning and getting rid of the bad files is easy!
-
Keeping your software up-to-date helps prevent security issues. In particular, ensure that whatever browser you are using is up to date. Facebook supports Firefox, Safari, Chrome, and Microsoft Edge.
- Make sure your computer, phone, or tablet is running the latest operating system so that you have the most recent security updates installed.
-
Watch for suspicious messages that appear to be from Facebook. If you receive an email or Facebook message asking for your personal information, it could be a phishing attempt. Always report all Facebook-related phishing attempts to Facebook via email at phish@fb.com. [10] To avoid getting “phished” (scammed), beware of the following:
- Messages claiming to contain your password as an attachment.
- Images or messages with links that don’t match what you see in your status bar when you hover over them.
- Messages asking for your personal information, such as your password, credit card info, driver’s license, social security number, date of birth, etc.
- Messages claiming that your account will be deleted or locked unless you act immediately.
Expert Q&A
-
Question: What should I do if I think I've been hacked?
Answer (Luigi Oppido): If you're worried you've been hacked, the best thing you can do is change your password.
-
Question: What if the hacker is really smart and hacks my address? I'm afraid I'm being stalked.
Answer (R2_d2000, Top Answerer): If you feel your life is in danger, contact the police. The articles How to Check if You Are Under Surveillance, How to Recover a Hacked Facebook Account, How to Prevent Hacking, and How to Activate 2 Step Verification in Facebook should be able to provide some help.
-
Question: How do I set up an authentication code for Facebook?
Answer (R2_d2000, Top Answerer): The wikiHow article How to Activate 2 Step Verification in Facebook provides step-by-step directions with pictures to help you enable an authentication code for Facebook.
Tips
- If you're worried your Facebook account has been hacked, change your Facebook password right away, and you can easily recover it. [11]
References
1. https://www.facebook.com/help/285695718429403
2. Luigi Oppido. Computer & Tech Specialist. Expert Interview. 31 July 2019.
3. Luigi Oppido. Computer & Tech Specialist. Expert Interview. 31 July 2019.
4. https://www.facebook.com/help/214309978590084?helpref=uf_permalink
5. https://www.facebook.com/help/287137088110949/
6. https://www.facebook.com/help/181495968648557
7. https://www.facebook.com/help/320234818071511/
8. https://www.facebook.com/help/389666567759871
9. https://www.facebook.com/help/320234818071511/
10. https://www.facebook.com/help/120286311449381?sr=9&%3Bquery=reporthacker&%3Bsid=2TpUBw9u7gcOKfTcR
11. Luigi Oppido. Computer & Tech Specialist. Expert Interview. 31 July 2019.
About This Article
1. Create a strong password.
2. Don't use the password anywhere else.
3. Try a password manager.
4. Set up login alerts.
5. Turn on two-factor authentication.
6. Choose trusted contacts.
7. Limit who can see your posts.
8. Report spam and suspicious content.