Recent studies show that privacy concerns are very much on the minds of Facebook users. Part of being a responsible member of any online community is educating yourself and your loved ones on how to properly configure the privacy and security settings offered by the platform. The fact that Facebook has over a billion members, some of whom are out to hack, scam and victimize others, makes the issue even more pressing.
Our goal was to create a guide that Facebook users could reference to help them set up their privacy and security controls quickly, easily and appropriately for their comfort level of sharing.
This walk-through will show you how to configure your General, Privacy and Security Settings:
We will start out with the General Settings. Click the down arrow located in the top right corner and select the ‘Settings’ link towards the bottom of the menu. Or, if you are logged into Facebook, you can click this link and it will take you straight there: https://www.facebook.com/settings.
- Use a dedicated email address for Facebook. If you use an email account that you also use for banking or other sensitive information, then you are opening yourself up to a world of hurt if your Facebook account is ever hacked. There are several free email providers – Gmail, Hotmail, Yahoo, just to name a few. We also recommend enabling two-factor authentication on this account if available.
- Create a strong, secure password. For more information on the importance of having a good password, see our post: The Top Ten Commandments of Password Protection. (Don’t use the same password for Facebook that you use to access other accounts.)
Security Settings -
Click the ‘Security’ tab located in the left column:
- Enable Login Notifications – (this lets you know when your account has been accessed)
- Require Login Approvals – (this will require you to enter a code sent to you via text message if Facebook doesn’t recognize the device). This is a great way to prevent your account from being hacked. You can enable text notifications or use the Code Generator.
- Code Generator - Lets you get a code from the mobile Facebook application to complete the ‘Login Approval.’
- Set up a list of Trusted Contacts to help you reclaim a hacked account or recover access if you lose your password.
- Trusted Browsers - We recommend not saving any browsers and logging out after each Facebook session.
- Where You’re Logged In – This shows different locations / devices you are currently logged into Facebook. End any active sessions you don’t recognize, and monitor this closely if you think your account is being accessed by a third party.
Click the ‘Privacy’ tab located in the left column:
- Set default privacy/sharing option to Friends.
- Use the Activity Log to review all your posts and things you’re tagged in
- Limit the audience for old posts on your Timeline
- Set who can send you friend requests. If you want people from your past to be able to locate you, then you’ll have to set this to everyone.
- Select if you want Basic or Strict filtering for your inbox.
- Set “Who can look me up?” to Friends
- Don’t allow search engines to link to your Timeline
Timeline and Tagging
Click the ‘Timeline and Tagging’ tab located in the left column:
- Under Timeline and Tagging, we recommend using the options shown above
Click the ‘Blocking’ tab located in the left column:
- Here you can manage all of the people, applications and events that you have blocked on Facebook. It is a good idea to block friends that have had their accounts hacked. You can remove the block once they have reclaimed their account. This keeps hackers from accessing your personal information reserved for friends.
- Use the ‘Restricted List’ if you have people on your friends list that you only want to share public items with.
- Use the App blocking section to restrict invites from annoying applications and friends.
If you opt in to receive notifications, be mindful that many phishing scams try to mimic Facebook notifications.
Click the ‘Mobile’ tab located in the left column:
- You will need to enter a mobile number here to enable login approvals. If Facebook doesn’t recognize your browser they will send you a code via text message that you must enter to complete the login.
Click on the ‘Followers’ tab located in the left column:
- If you enable followers, these people will be able to see all of your public posts.
Click the ‘Apps’ tab located in the left column:
- We recommend configuring your App settings as shown above.
- Don’t install questionable third party apps and remove anything suspicious. For more information on why you shouldn’t install questionable FB apps, see this post: Why You Should Not Install Fun and Entertaining Facebook Applications.
- If you don’t use apps at all and have no desire to, then you can totally disable them in the Apps you Use settings:
- You’ll also want to edit the Apps others use setting to keep the applications your friends use from accessing your data:
Click the ‘Ads’ tab located in the left column and edit these settings to ‘No one.’
Support Dashboard -
This tab shows you the status of anything you have reported to Facebook.
Privacy Shortcuts -
Click the Padlock icon in the top right corner for quick access to these settings:
- Set Who can see my future posts to Friends.
- Use the Activity Log to review items you’ve been tagged in.
- If you are ever curious to see how your Timeline appears to others, you can use the What do other people see on my timeline? feature.
- Use Strict Filtering to limit the amount of spam you receive in your Facebook Messages folder.
- Determine who you want to be able to send you friend requests – Friends of Friends or Everyone.
- You can easily block people from contacting you by adding them here.
Another important setting that is often overlooked is limiting who can see your ‘Friends List.’ This post gives detailed instructions on how to set this item appropriately.
- It is best to set this to Only Me. If you have a friend that loses their account to a hacker, this can limit the damage they can do with fake Facebook profiles and the like. (Always block or unfriend a compromised account until it is reclaimed by your friend.)
- Edit & Set Sharing Controls for all of the fields here to your sharing comfort level.
- Only input information that you would be comfortable with the whole world seeing. Even if you set items to just “Friends,” what happens if a friend gets hacked? You don’t want a scammer having access to information that is typically reserved for just your friends.
- We recommend the following settings
- Only set items to be shared with ‘Friends’ or ‘Only Me.’ Don’t set anything to Public.
- Show only the month and day of your birthday on your Timeline. A better option is to not display it at all.
- Set your mobile phone visibility to “Only Me.”
- Don’t enter your work or home phone numbers.
- Do not enter your complete address – (only enter City & State or leave it totally blank)
- Public Pictures – Your profile picture and cover photo are public by default, and this setting can’t be changed. If this concerns you, then don’t use a personal photograph. Also, be sure to use sharing controls for your photos and albums.
- Be careful what you post – once you post something online it can potentially come back to haunt you. Use the built-in sharing controls for status updates and other posts to limit access to the intended audience.
- Be careful what you click – Even if all of your controls are set properly, clicking malicious links and installing malware can not only wreck your computer system, but it can affect your privacy and online safety as well.
- Log out of Facebook – Facebook has been known to track user activity on other websites, so log out when you are not using Facebook. Also, staying logged in can make it easier for your account to be hacked if you log in from shared computers.
- Anti-virus software – install a reputable security software application and keep it updated.
- Facebook Help Center – Be sure to check this valuable resource for more information on any of the topics discussed in this post.
Article Updated July 29, 2014