How to Lock Down Your Facebook Account for Maximum Privacy and Security

Facebook's configuration of default privacy settings is geared towards invading your privacy and often forces you to share your data and your friends' data if you want to use apps.


Every action you take on Facebook has privacy and sharing implications that need to be considered before you upload that next selfie. The fact that Facebook has over a billion members, and some are out to hack, scam and victimize others makes the issue even more pressing.

  • When you post a picture of your kids at a family gathering, which one of your Facebook friends can share it?
  • What private information are those Facebook game apps collecting on you for “third-party uses”?
  • How do you make sure that live video stream is seen only by people you choose?
  • We have compiled some information to help you understand and setup your Facebook account privacy and security controls quickly, easily and appropriately for your comfort level of sharing.

    Our recommendations will tend to lean toward greater privacy, but feel free to make selections to suit your personal preferences.


    To begin you’ll need to login to your Facebook account on a computer. Click the down arrow located in the top right corner and select the “Settings” link towards the bottom of the menu then look to the left hand side menus.



    facebook general account settings 


    Consider using a nickname if you want to keep your account as private as possible.


    Use a dedicated email address for Facebook.

    If you use an email account that you also use for banking or other sensitive information, then you are opening yourself up to a world of hurt if your Facebook account is ever hacked.

    You can change to a new email address by first adding a new email address, verifying it and then go back in and remove the old one. There are several free email providers – Gmail, Hotmail, Yahoo and so on if you need to create a new email for your social media accounts.


    Create a strong, secure password:

    Don’t use the same password for Facebook that you use to access other accounts.

    For more information on the importance on having a good password, see our post on Password security.



    Password Protection – Two-factor authentication, we also recommend enabling two-factor authentication on this account if available.


    Manage Account: Allows you to set a specific person/contact to manage your account so it can be deactivated by your designated contact person if it is no longer required and you are not able to it yourself.



    facebook security and login settings 

    When you're logged in:

    This feature shows all of the devices that is currently logged into your account. It’s a good idea to view this often and log out of all devices if you don’t recognize a login. This is a good way to remotely log out of a computer or device that you no longer have access to, for example, after you have logged in at a friends place & forgotten to log out.

    Change Password:

    Be sure to create a strong, secure password. Don’t use the same password for Facebook that you use to access other accounts. For more information on the importance on having a good password, see our post on Password Security.



    Password Protection – We also recommend enabling two-factor authentication on this account if available.


    Setting up Extra Security:

    We highly recommend the features in this section to maximize account security, especially alerts about unrecognised logins, two-factor authentication and Trusted Contacts.


     privacy settings and tools

    The settings here are likely vary based on personal preferences of each user.

  • Who can see my stuff – at a minimum, we recommend setting default sharing option to Friends Except Acquaintances.
  • Who can see my friend list – We highly recommend setting this to Only Me. This can help protect you from profile cloning scams.
  • Limit the audience for old posts on your Timeline – Definitely do this.
  • Who can look me up – set these according to your comfort level.
  • We recommend that you do NOT share your phone number with anyone other than your Friends
  • We recommend that you do NOT let search engines outside of Facebook link to your profile.

    Under Timeline and Tagging, we recommend using the options shown below.

    You should definitely review posts that you are tagged in before they appear and also review tags people add to your own posts before the tags appear on Facebook.

    It’s also very important to set your ‘tag suggestions’ on photos to No One.

    facebook timeline and tagging settings 

    Note – When you’re tagged in a post if you don’t see 'Friends except acquaintances' on your options, you can select Custom and manually add the contacts that you don’t want to share with or choose 'Only Me'.


    Here you can manage all of the people, applications and events that you have blocked on Facebook. It is a good idea to block friends that have had their accounts hacked. You can remove the block once they have reclaimed their account. This keeps hackers from accessing your personal information reserved just for friends.

    Restricted List – If you have people on your friends list that you only want to share public items with.


    Block users – You can also consider using 'Block users' if you have a friend that is friends with someone else that you don’t want them to be able to see your timeline.

    Use the App blocking section to restrict invites from annoying applications and games.


    facebook app blocking settings 


    If you go through each section you will see an explanation & you can then determine if you have something that you wish to block and the relevant section to do so.

    For example, if you have a page that keeps appearing on your timeline & you want to block it, you would use the Block pages section: eg Wix


    Choose the settings for each category according to your comfort level

  • If you opt-in to receive notifications, be mindful that many phishing scams try to mimic Facebook notifications.
  • Do not follow any external links in suspect messages.
  • Always log in directly to Facebook to check and adjust account settings.
  • Mobile:

  • You will need to enter a mobile number here to enable login approvals.
  • If Facebook doesn’t recognize your browser they will send you a code via text message that you must enter to complete the login.
  • You can set the Time of day that you will receive notifications from Facebook to avoid being interrupted during a set time frame.
  • Public Posts:

    This section allows you to set who can follow you on Facebook and manage other settings relating to your activity on public posts. Set these according to your comfort level.

    Keep an eye out for our next post in this series 'Curious & Curiouser TECH TIPS' on controlling Facebook advertising.