🌐 Secure a Facebook Account

TYPE AUDIENCE PRIORITY COMPLEXITY EFFORT COST UPDATED
Preparation 🧑 ⭐⭐⭐⭐ ⭐⭐ 🧑 🆓 2021-08-07

Rationale

Facebook typically holds a full history of what you've posted, read, and liked on the platform. It also shows all your connections and your Messenger chat history, and it is a trusted representation of you online: if someone else were using your account, many of your connections would still believe it to be you. Facebook accounts are sometimes also used to manage Groups and Pages.

That's why it is essential that you protect your personal Facebook Account so that this information and access does not fall into the wrong hands.

Instructions

What you should know

The advice here relies on password and authentication best practices, which have been elaborated in other guides we will link to. There may be a lot of information to take in, but what you will learn by following these guides will also be applicable to securing your work accounts, Email, Twitter, Online Banking and any other online accounts that you want to protect.

What you should prepare

A password manager is central to our personal digital security efforts, so make sure you have set one up. Two-factor authentication further reduces the risk of remote account take-over, so to prepare:

  1. 🔒 Setup a Bitwarden Account as your password manager
  2. 🔒 Setup Bitwarden on Desktop if you are using a computer, or 🔒 Setup Bitwarden on Mobile if you are managing the Facebook Page on mobile
  3. Finally, 🔒 Setup an Authenticator for Multi Factor Authentication

Once you have these security tools in place, it will be easy to properly secure your Facebook Account.

What you should do

1. Generate a Strong Password

Since you have set up Bitwarden, you can use it to 🔒 Generate Strong Passwords.

  1. Go to Facebook's Settings
  2. Select "Security and Login"
  3. Select "Change Password" under the Login Section
  4. Provide your current password, and then copy/paste the strong password you've generated with Bitwarden as your "New Password"
  5. Tap "Save Changes" for your new password to take effect
  6. Important: Bitwarden should prompt you to store your password if you logged in on a computer. Instruct Bitwarden to store your login profile or update the existing one. If you're on mobile, add the profile to Bitwarden. If you're unsure how, follow the steps under "Create New Logins" from the Bitwarden guide for iOS or Android.

See this WikiHow guide if you're unclear on how to change your password.

2. Activate Multi-Factor Authentication

For your second layer of security, we'll be using a Time-based One-Time Password (TOTP), managed by the Authenticator you've set up as part of the preparation steps.

Follow the guide to 🔒 Setup 2FA for Facebook.

3. Complete Facebook's Privacy Checkups

Facebook really has a wealth of settings to configure, making it a bit overwhelming. Luckily Facebook provides a number of guided topics where you can tighten your privacy and security settings.

Visit Facebook Privacy Checkup and configure the settings according to your preferences, or follow our suggested settings, which aim to minimise your digital footprint / exposure while still maintaining a Facebook account.

Who can see what you share
  1. Profile Information - set everything to "Only Me", or even better would be to edit your profile and remove this information as much as possible.
  2. Posts and Stories - "Friends" or "Friends Except". Also make sure to click on "Limit" to limit past posts to only your friends.
  3. Blocking - Block anyone you don't trust.
How to keep your account secure
  1. Is Your Password Private? - This should be OK if you followed Step 1.
  2. Two-Factor Authentication - This should be ON if you followed Step 2.
  3. Control Your Alerts - Turn all of them on as you want to make sure you see unauthorized logins whenever they happen.
How People Can Find You on Facebook
  1. Friend Requests - If you are operating an anonymous account, select "Friends of Friends"
  2. Phone Number and Email - set both to "Only Me"
  3. Search Engines - "Off"
Your Data Settings on Facebook
  1. Apps and Websites - Remove all you don't absolutely need.
  2. Face Recognition - "Off"
Your ad preferences on Facebook
  1. Profile Information - set all to "Off"
  2. Social Interactions - set to "Only Me"

Finally, set yourself a reminder in 1 to 3 months to review the above and make sure none of the settings have reverted.

4. Review Additional Privacy Settings

Let's make sure your social network isn't exposed:

  1. Go to Facebook Settings
  2. Click on Privacy
  3. Make sure "Who can see your friends list?" is set to "Only Me"

Now let's also go through the posts you have been tagged in and remove yourself from sensitive posts:

  1. Make sure "Who can see the people, Pages and lists you follow?" is set to "Only Me"
  2. Click on "Use Activity Log" next to "Review all your posts and things you're tagged in"

5. Turn Off Location

Visit Location Settings, and turn it "Off"

6. Limit Tagging

Don't make it easy for people to find you through tagged photos and posts:

  1. Go to Facebook Settings
  2. Click on Profile and Tagging
  3. "Who can see what others post on your profile?" - set to "Only Me"
  4. "Who can see posts you're tagged in on your profile?" - set to "Only Me"
  5. "When you're tagged in a post, who do you want to add to the audience of the post if they can't already see it?" - set to "Only Me"
  6. "Review posts you're tagged in before the post appears on your profile?" - set to "On"
  7. "Review tags people add to your posts before the tags appear on Facebook?" - set to "On"

7. Review apps authorized to access your Facebook Profile

Facebook offers the ability to log in to other services with your Facebook account - sometimes this also provides the third-party service with additional information if you have consented to the data being shared. It's good practice to review what you've shared with other services from time to time and remove or limit the services that don't need that much access to your data.

  1. Go to Facebook Settings
  2. Click on "Apps and Websites"
  3. Go through the list and either remove or edit the services. Alternatively, you can turn the "login with facebook" feature off by clicking "Turn Off" in the "Apps, websites and games" section at the bottom of the page.
