For some of us, Facebook has become a part of everyday life. Facebook is a medium for us to interact with friends and co-workers, follow our favorite celebrities, and find out the latest news. Some of us also see Facebook as a representation of ourselves, so having an account hacked can be very embarrassing. A hacked Facebook account can damage your reputation, expose personal information, or even cost you money. If you suspect your account has been hacked, the first step you need to take is to change your account password. This wikiHow teaches you tips and tricks to increase the security of your Facebook account.
Steps
Method 1 of 3: Password Protecting Account
Step 1. Create a secure and strong password
Account passwords should be difficult to guess, but easy enough for yourself to remember. Do not include names, birthdays, pet names, or general words in the password.
- The longer the password, the harder it will be for someone else to crack it. One tip for creating long passwords is to think of a long phrase or series of words that you can remember, but no one else can think of or guess.
- Always include numbers, a mixture of upper and lower case letters, and symbols in password entries. Try to create a password with a minimum of 10 characters.
- Try creating acronyms from memorable sentences or lines of song lyrics. For example, the line "If you're just playing around, you're wasting your time" could be shortened to "BKhmm5Skbwp!". Who can guess such a password?
Step 2. Don't use Facebook passwords for other websites or apps
Create a different password for each service you use. For example, let's say you use the same password entry for your Facebook and TikTok accounts. If your TikTok account is hacked, hackers can also access your Facebook account.
Step 3. Use a password manager program or feature
Once you have created so many unique and strong passwords, you will have a hard time remembering them all. However, there are various password management tools or programs that can encrypt and securely store all of your passwords so that you only need to remember one master password. Some of the more popular programs include LastPass, Dashlane, and 1Password.
- You may already have a password manager built into the operating system. For example, if you have a Mac, iPhone, or iPad, you can use the iCloud Keychain feature for free.
- If you are using a browser that stores passwords (e.g. Google Chrome), you will be prompted to enter your master password to view the saved passwords in plain text. For Google Chrome, you will be asked to enter your Google account password. If you are using Microsoft Edge and Windows 10, you will need to confirm your master login password or PIN code.
Step 4. Change the account password every six months
This applies to all passwords used, not just Facebook account passwords. Set a reminder on the calendar if you have trouble remembering this replacement schedule.
Step 5. Do not share your account password with others
More precisely, don't mention or share any account passwords with anyone! Facebook or other services will never ask for your account password.
Step 6. Log in to Facebook only through trusted computers
If you're using a computer you don't know or trust, don't do anything that requires you to enter a password. Hackers often use keylogger programs that record anything you type on a computer, including passwords.
- If you really need to log into an account on a computer you don't trust, you can request a one-time password from Facebook (for certain regions or countries). To request a password, send an otp message to 32665 (for countries other than the United States, see this list for the destination number). As long as your phone number is linked to your Facebook account, you can receive a temporary 6-digit passcode that you can enter in the “Password” field to log into your account.
- If you can't use a one-time password and do need to access your Facebook account, change your account password as soon as you are back on your personal computer, phone, or tablet.
- Do not use the “remember password” feature on a computer other than your personal computer. When accessing your Facebook account on a public computer (or even a computer at a friend's house), you may see a “remember password” prompt asking if you want to save your password in the browser. Choose “Not Now” (or a similar option). Otherwise, other users of the computer can access your account.
Method 2 of 3: Using Facebook's Security Features
Step 1. Set and enable login alerts
The login alerts feature will send you an alert (via Facebook notifications, email, and/or text messages) when someone accesses your account from an unknown location or device. If you get an alert and you are not currently accessing your account, click or tap the “This wasn't me” link to recover the account immediately. Follow these steps to set up and enable login alerts:
- On the computer:
  - Visit
  - Click “Edit” next to “Get alerts about unrecognized logins”.
  - Specify the method of receiving notifications and click “Save Changes”.
- On your phone or tablet:
  - Open the Facebook app and tap the menu icon (three horizontal lines) or the large “F” at the bottom center of the screen.
  - Scroll down and select “Settings & Privacy”.
  - Touch “Settings”.
  - Choose “Security and Login”.
  - Touch “Get alerts about unrecognized logins”.
  - Specify the method of receiving the warning.
Step 2. Enable the two-factor authentication feature
This feature gives your account an extra level of security by asking for a security code when you try to access your account through an unknown browser. You can receive the code via text message (SMS) or an authentication application such as Google Authenticator. Once you have two-factor authentication set up, you can get the option to recover your account in case you ever lose your second device (e.g. your phone).
- On the computer:
  - Visit
  - Click “Edit” next to the “Use two-factor authentication” option.
  - Choose “Use Text Message” and follow the prompts to receive the code via text message (the most common method), then continue with the next prompt shown on the screen.
  - Choose “Use Authentication App” to use an authentication app such as Duo or Google Authenticator, then follow the on-screen instructions.
- On your phone or tablet:
  - Open the Facebook app and tap the menu icon (three horizontal lines) or the large “F” at the bottom center of the screen.
  - Choose “Settings & Privacy” > “Settings”.
  - Touch “Security and Login”.
  - Touch “Use two-factor authentication”.
  - Choose “Use Text Message” and follow the prompts to receive the code via text message (the most common method), then continue with the next prompt shown on the screen.
  - Touch “Use Authentication App” to use an authentication app such as Duo or Google Authenticator, then follow the on-screen instructions.
Step 3. Choose a trusted contact if at any time you can't access your account
Trusted contacts are friends who can help you regain access to your Facebook account if you ever can't access it. You should only choose people you really trust as trusted contacts. If you have a fight or problem with one of your trusted contacts, make sure you remove them from the list immediately because they could try to hack into your account. To set up or assign trusted contacts:
- On the computer:
  - Visit
  - Click “Edit” next to “Choose 3 to 5 friends to contact if you get locked out”.
  - Choose “Choose friends” and follow the instructions displayed on the screen.
- On your phone or tablet:
  - Open the Facebook app and tap the menu icon (three horizontal lines) or the large “F” at the bottom center of the screen.
  - Choose “Settings & Privacy” > “Settings” > “Security and Login”.
  - Touch “Choose 3 to 5 friends to contact if you get locked out” and follow the on-screen instructions.
Step 4. Review the login locations for your account (and remotely close that access)
The “Where You're Logged In” section shows the devices that are currently logged into your Facebook account. If you suspect someone is using your account, or you forgot to sign out of your account on another computer or device (e.g. a work computer or a friend's), you can use this section to log out of your account remotely.
- On the computer:
  - Visit A list of locations/devices currently linked to your account will appear at the top of the page.
  - Click “See more” to expand the list (if the option is available).
  - To end a login session, click the three vertical dots icon and select “Log Out”. If the session is not yours (or you suspect it belongs to someone who has hacked your account), select “Not You?” and follow the prompts displayed on the screen.
  - Click “Log Out of All Sessions” to end account access on all devices that are logged in to the Facebook account.
- On your phone or tablet:
  - Open the Facebook app and tap the menu icon (three horizontal lines) or the large “F” at the bottom center of the screen.
  - Choose “Settings & Privacy” > “Settings” > “Security and Login”.
  - Look for the list of locations or devices that your Facebook account is currently connected to.
  - Touch “See all” if necessary.
  - To end a login session, touch the three vertical dots icon and select “Log Out”. If the session is not yours (or you suspect it belongs to someone who has hacked your account), select “Not You?” and follow the prompts displayed on the screen.
  - Repeat the steps until you have signed out of all required devices or locations.
Step 5. Check the list of recent emails from Facebook
If you accidentally deleted an email sent by Facebook, or your email account has been hacked and you're afraid that hackers might gain access to your Facebook account, take a look at the list of recent messages sent by Facebook.
- On the computer:
  - Visit
  - Click “View” next to “See recent emails from Facebook”. Account security messages are usually displayed on the first page. Click “OTHER EMAILS” to view other categories of emails from Facebook.
  - Click “I didn't do this” or “Secure your account” if necessary.
- On your phone or tablet:
  - Open the Facebook app and tap the menu icon (three horizontal lines) or the large “F” at the bottom center of the screen.
  - Choose “Settings & Privacy” > “Settings” > “Security and Login”.
  - Choose “See recent emails from Facebook”.
  - Touch “I didn't do this” or “Secure your account” if necessary.
Step 6. Restrict who can see your uploads
If you've never set an audience for your posts on Facebook, it's possible that you've been sharing your posts publicly all along. When uploading content to Facebook, you can click or touch the small drop-down menu button above (mobile app) or below (desktop site) the typing area to define an audience (“Public”, “Friends”, etc.). If you want to go back and limit the visibility of old uploads, follow these steps:
- On the computer:
  - Visit
  - Click “Edit” next to “Who can see your future posts?” to set the default audience for your posts.
  - Click “Limit Past Posts” so that all posts visible to the public (or to friends of friends) can only be viewed by users who are already friends with you (“Friends only”).
  - Click “Check a few important settings” at the top of the page to run a privacy check on additional settings you can change.
- On your phone or tablet:
  - Choose “Settings & Privacy” > “Settings” > “Security and Login”.
  - Touch “Who can see your future posts?” to set the default audience for your posts.
  - Touch “Limit Past Posts” so that all posts visible to the public (or to friends of friends) can only be viewed by users who are already friends with you (“Friends only”).
  - Touch “Check a few important settings” at the top of the page to run a privacy check on additional settings you can change.
- To see how your profile will appear to other users (on computers and mobile apps), visit your profile page, click or tap the three horizontal dots (…) icon at the top of the page, and select “View as”.
Step 7. Encrypt all notification emails (for more advanced users)
Facebook gives you the option to encrypt all notification emails before they are sent to you. Encryption can only be set up through the Facebook website, not the mobile app. You will also need an OpenPGP key to perform encryption. If you want to encrypt notification emails, visit scroll down and click “Edit” next to “Encrypted notification emails”, paste the OpenPGP key in the field, check the box, and click “Save Changes”.
Method 3 of 3: Use Facebook Carefully
Step 1. Make sure you are logged into your account on the right website
If you use a web browser to access Facebook, make sure the address shown in the bar is www.facebook.com, and not an address like “facebook.co”, “face.com” or “facebook1.com”. Fraudsters often choose site addresses that you might accidentally type into the address bar in a hurry.
Be especially careful when clicking links in emails from Facebook. Fraudsters may send an email that looks like it was sent by Facebook, but actually contains a link to a malicious site that will steal your details. Don't enter any passwords or personal information on such a site.
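The address check from this step can also be done in code, for example in a script that screens links before they are opened. The following is an added example, not part of the original article: the function name, the trusted-domain list and the sample URLs are assumptions constructed for illustration, and the HTTPS requirement is an extra check the article does not mention.

```javascript
// Added example: decide whether a link really points at Facebook
// before a password is typed into the page it opens.
// TRUSTED_DOMAINS is an assumption; the article names only facebook.com.
const TRUSTED_DOMAINS = ["facebook.com"];

function checkLoginUrl(raw) {
  let url;
  try {
    // The WHATWG URL parser lower-cases the host and separates it from
    // any text placed in front of an "@" sign.
    url = new URL(raw);
  } catch {
    return { trusted: false, reason: "not a valid absolute URL" };
  }
  if (url.protocol !== "https:") {
    return { trusted: false, reason: "not HTTPS" };
  }
  const host = url.hostname;
  // Compare the whole host name. A substring or plain endsWith() test
  // would accept "notfacebook.com" or "www.facebook.com.login.example".
  const ok = TRUSTED_DOMAINS.some(
    (d) => host === d || host.endsWith("." + d)
  );
  return ok
    ? { trusted: true, reason: "host is " + host }
    : { trusted: false, reason: "host " + host + " is not facebook.com" };
}

// Constructed sample links: the real site, the three lookalikes named in
// the article, and three cases that defeat a naive string comparison.
const SAMPLES = [
  "https://www.facebook.com/login",
  "https://facebook.co/",
  "https://face.com/",
  "https://facebook1.com/login",
  "https://notfacebook.com/",
  "https://www.facebook.com.login.example/",
  "https://www.facebook.com@facebook1.com/",
];

function classifySamples() {
  return SAMPLES.map((s) => [s, checkLoginUrl(s).trusted]);
}

for (const [link, trusted] of classifySamples()) {
  console.log((trusted ? "OK      " : "REJECT  ") + link);
}
```

Only the first sample is accepted; every other link is rejected because its real host name is not facebook.com or a subdomain of it.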
Step 2. Don't accept friend requests from unknown users
Fraudsters sometimes create fake accounts and make friends with other people. When they befriend you, they can flood your timeline, tag you in posts, send you malicious messages, and even target your other friends.
- If your birthday and location information is visible to your friends on Facebook, and you frequently post your whereabouts, scammers can use those details and updates to hack passwords, or even rob your house when they know you're on vacation.
- Be wary when you receive a friend request from someone you think you're already friends with. Fraudsters often copy the profiles of real users and try to befriend the friends of those users.
Step 3. Click links carefully
Your friends can't always be protected from spam. If a friend uploads a suspicious link or “shocking” video, or sends a weird message, don't click on the content, even if the message was sent by someone you know. If one of your Facebook friends clicks on a spam link, they could accidentally (and unwittingly) send the spam to you.
This rule also applies to websites that look deceptive, browser add-ons and videos, and suspicious emails and notifications. If you receive an email asking for the password for the account you are using, do not respond to the email. Trusted companies will never ask you for your account password via email.
Step 4. Review purchases through your account periodically
If you shop through Facebook, make sure you review your purchase history regularly. That way, if someone manages to access your account and shop using it (including a credit card or stored payment method), you can get help from Facebook's Payments Support Center.
- To view payment history on a computer, visit
- If you are using a phone or tablet, tap the icon with three horizontal lines or the letter “f” in blue and white, select “Facebook Pay”, and scroll to the “Payment History” section.
- To review your payment history, visit the account settings menu or “Settings” and click the “Payments” tab.
Step 5. Report someone on Facebook
The reporting process will depend on what you are reporting.
- To report a profile, visit the profile in question, click or tap the three horizontal dots icon (…) at the top of the page, select “Find Support or Report Profile”, and follow the on-screen instructions.
- To report a problematic upload, visit the upload, click or tap the three horizontal dots (…) icon at the top of the page, select “Find Support or Report Profile”, and follow the on-screen instructions.
- To report a message, open the message you want to report on Facebook (or the Messenger app on a phone or tablet), click the gear icon or tap the sender's name, and select “Something's Wrong”.
Step 6. Block suspicious users on Facebook
If someone bothers you, sends you multiple friend requests, or tries to hack into your account, the best thing you can do is block them. They won't get a notification when they are blocked, unless they try to visit your profile. A blocked user is removed from your friends list and trusted contacts list, and can no longer bother you. To block someone, click or tap the three-dot icon at the top of their profile page, select “Block”, and follow the on-screen instructions.
Step 7. Don't forget to log out of your account when you use someone else's computer
This is important to do, especially when you use the computer in the library or internet cafe because many people you don't know will use the computer all day long.
Step 8. Perform regular malware and virus scans
Malware helps hackers get past Facebook's security tools so they can access your account. After that, hackers can collect personal information, send status updates and messages that appear to come from you, or flood your account with ads that can damage your computer. There are a variety of free anti-malware programs available on the internet. Facebook recommends ESET and Trend Micro as free scanning tools.
It's possible that your computer will be infected with malware if you've recently watched a “shocking” video from a Facebook post. Your computer can also become infected with malware if you visit a website that purports to offer special Facebook features, or download a browser add-on that claims to provide features that aren't actually available (e.g. changing the color of your Facebook profile).
Step 9. Update all computer programs
In particular, make sure the browser you are using is running the latest version. Facebook supports Firefox, Safari, Chrome, and Internet Explorer.
Step 10. Know how to spot a phishing scam
If you receive an email or Facebook message asking for personal information, it's possible that the message was an attempted scam. Always report any attempted fraud to Facebook via email at [email protected]. In order not to be deceived (phished or scammed), be aware of the following:
- Messages claiming to have your account password in their attachments.
- An image or message with a link that doesn't match what you see on the status bar when the cursor is hovered over the link.
- Messages asking for your personal information such as passwords, credit card information, driver's license details, social security card numbers, date of birth, and more.
- A message warning you that your account will be deleted or locked, unless you act immediately (as instructed in the message).