Keeping the information you post onto Facebook private and secure is one of the most important things you need to get right when using the social networking website.
It doesn’t matter who you are, you absolutely need to make sure that your Facebook account is secure and that it’s not sharing too much information that could potentially be valuable to cyber crooks.
It is vital that each user takes responsibility for themselves on Facebook, and understands exactly how the privacy options work and to ensure they are applied correctly. This article explains how Facebook’s privacy settings work and how to keep your account secure, which helps prevent you from becoming a victim to any number of different scams that operate on social media.
So read on for our ultimate guide for locking down your Facebook profile for optimal privacy and security.
1. Setting your default privacy to Friends Only
The most important Facebook privacy settings can be found in your main settings under Privacy. For desktop users, click the arrow on the top right and select Settings and then Privacy. For mobile app users, go to the apps settings menu and select Privacy.
This directs you to all of your key privacy settings, the most important of which are located within the Who can see my stuff? section. The first option, Who can see your future posts? is the setting that controls who can see the information you post to the site including status updates, check-ins, photos and links. It is important that this is set to Friends meaning only friends can see the information you post.
This only affects information you post from that point onwards. To protect information you have already posted, we recommend that you select the Limit Past Posts option, in the same section. This applies the Friends option to everything that you have already posted onto the site.
In the same section we also recommend setting the Who can look me up? options to Friends for both email and phone number.
2. Control tagging
Now you’ve set your default privacy to friends only, only your Facebook friends can see what you post. However there is an exception. Tagging.
If you upload content – like a photo – onto Facebook, and one of your friends tags someone in that content, then that content now becomes available to the friends of whoever was tagged. These may be people you don’t know.
We recommend enabling a feature on Facebook that allows you to review tags your friends make on your content before that tag becomes “official”. This way, you keep control of the people who see that content because you can deny tag requests which can extend the visibility of your content.
To enable the feature, go to the Timeline and Tagging section of your Facebook settings and enable the ”Review tags people add to your own posts” option.
While you are in this section, we also recommend enabling the “ Review posts friends tag you in before they appear on your timeline” option. This is the closest Facebook users can get to prevent themselves getting tagged in other peoples content. It doesn’t prevent the tag, but it does prevent tags appearing on your Facebook timeline until you approve the tag.
3. Enable Login Alerts and Approvals
Login Alerts are designed to alert you every time a device logs into your account that Facebook doesn’t recognise. That means if the device hasn’t logged on to your account before, you can get an alert. This can be useful to alert you to unauthorised access to your account. Alerts can be sent to either your mobile or email address.
Don’t worry, you won’t get an alert every time you login to Facebook, since after the first time you login it will recognise your device. You will get an alert each time you login from a new device or browser.
Login Approvals on the other hand are Facebook’s answer to ‘two step authentication’ and will actually prevent users from logging in from unrecognised devices until they provide an additional piece of information. Most commonly, this is a code sent to your phone through SMS or a code generator app on your phone. Without that code, you cannot access your Facebook account, even if someone has the username and password for it.
Again, this will only trigger on unrecognised devices. You don’t need to do it every time you login from your own computer or phone.
For optimal security, we recommend enabling Login Approvals, but at the very least you should enable Login Alerts. Both options can be enabled and setup in your main settings under the Security section.
4. Limit your About Information
Facebook wants you to tell them about yourself, such as your date of birth, phone number, home town, workplace, what school you went to and your relationship status. If you give this information to Facebook, it is located in your About section by clicking About on your profile.
We recommend thinking carefully about what information you choose to share on Facebook.
Firstly, always make sure that all this information it set to either Only Me or Friends Only. This is not information you want to share with strangers on Facebook since it can make you the target for identity fraud where criminals takes your information and use it to help them pretend to be you.
It’s also worth remembering that it’s not outside the realms of possibility that cyber crooks can infiltrate a friends account meaning they may be able to see that information, even if it is set to friends only. So think carefully about the information you include in the About section. We recommend keeping your year of birth and your phone number (if you use it for Login Approvals) set to Only Me.
5. Hide your friends list
Hiding your friends list prevents people from seeing who you’re connected with on Facebook. We recommend this because allowing strangers to see your friends on Facebook can make them the target for cloning scams. This is where criminals will set up an account that looks like yours with your name and profile picture and send friend requests to all your contacts pretending to be you. Read more about cloning scams here.
To hide your friends list, go to your profile and click Friends (Desktop users only). On the pencil icon click the Edit Privacy option and select Only Me.
6. Close Unrecognised Sessions
Every time you login to Facebook and don’t log out, the session remains open. Most Facebook users will have a number of sessions open at one time. For example for their mobile phone, tablet and computer and possibly after logging in from a friends or family members computer.
A session will have the approximate location recorded next to it, often in the nearest city or location of your nearest ISP point. We recommend checking your open sessions and closing any that are suspicious – i.e. nowhere near a location where you’ve logged in. This prevents that device from auto-logging you back into Facebook.
To do this, go to your Settings page and click Security and select Where You’re Logged In and review the open sessions.
7. Limit previous profile pictures and cover photos
Step one should sort out all your photos in terms of privacy, but old profile pictures and cover photos may remain public. Go to your Photos and then Profile Pictures and Cover Photos albums and ensure each photo has the Friends Only icon associated with it.
Important: Note that your current Profile Picture and Cover photo will be publicly visible.
8. Prevent Friends Facebook Apps from seeing your information
Facebook Apps that friends install can access certain information about you, and since you may not trust these developers, we recommend preventing that. To stop this happening go to your Settings page and click Apps. Select Apps Others Use and ensure all the checkboxes are NOT selected.
– Regularly review your Activity Log for photos of yourself that are public.
– Regularly check installed application by selecting the Apps option in your privacy settings. Make sure you remove untrusted apps.
– Be aware that both your profile picture and cover photos are public and this cannot be changed. Do not make any of these photos something you don’t want people seeing.
– Regularly check your activity log for public photos that you are tagged in, and untag photos you do not wish to be tagged in.
– Suggest to your friends to tighten their privacy settings as well, especially if they regularly upload photos with you in them!
And finally, the most important part of the article, and advice we certainly recommend…
Facebook is a social networking site, designed for sharing. It can be argued that social media privacy is an oxymoron – for this reason never post or upload information onto the site that you cannot risk falling into the wrong hands.
Are you happy with Facebook’s privacy settings? Do you think privacy violations happen mostly because of Facebook or their users being too cavalier with their privacy?