Facebook privacy settings on iPhone: Medium level

Learn how to change your privacy settings on Facebook using iPhone. These steps adjust your privacy and security settings to Medium level protection.
Kaspersky Lab
26.06.2023
18 minutes
Change settings
Privacy level
Choose
Platform
Choose
What are we setting up here?
Choose
ApplyCancel

How to keep your account from getting hacked

open all


Set a strong password

What for: So you don't get hacked.

If you use a short and simple password for your Facebook account, cybercriminals can guess it and hijack your account. A long and complex password is more secure. Use a strong password that:

  • Is at least 8 and up to 20 characters long;
  • Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
  • Is not an actual word or easy-to-guess phrase;
  • Is not the same as for any other account, including your Apple ID password;
  • Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).

To change your password:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. Go to the Password and security section;
  4. Tap Change password;
  5. Enter your current Facebook password;
  6. Enter a new strong password twice;
  7. Tap Update password.

Enable two-factor authentication

What for: So you definitely don't get hacked.

Facebook can be configured to request a one-time code or physical security key when you log in to your account. That way, even if cybercriminals learn your username and password, they will not be able to use them without the one-time code or security key. The code is sent via SMS to your specified phone number or generated in a dedicated application (for example, Google Authenticator), while the security key is a small hardware device used to authorize your login.

To enable two-factor authentication:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. Go to the Password & security section;
  4. Tap Use two-factor authentication;
  5. Select the authentication method:
  6. Authentication App;
  7. Text Message (SMS);
  8. Security Key.

Remember that a text message with the code can be intercepted by malware, and a physical security key can be lost, which is why using a two-factor authentication app is a safer option. Facebook can also use the phone number you linked to your profile for targeted advertising.

With two-factor authentication, you can log in to your account even if you lose your phone. For that, you need the recovery codes. To get them:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. Go to the Password & security section;
  4. Tap Use two-factor authentication;
  5. Select Recovery codes and tap Show codes;

Enter your current password and tap Continue.

Each of the ten codes can be used only once. Write them down, copy them, or take a screenshot of them, and keep the information in a safe place.

Verify the list of trusted devices

What for: So nobody can log in to your account on your old phone.

By default, Facebook trusts any devices from which you previously logged in to the social network. When signing in on them, a one-time code is not requested. If your old phone ends up in the hands of strangers, they will be able to log in to your account bypassing two-factor authentication. To avoid this, include only devices that you currently use in the trusted list:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. Go to the Password & security section;
  4. Tap Authorized logins;
  5. Remove the ones you don't use from the list of trusted devices.

If necessary, you can still log in to Facebook from any device using two-factor authentication.

Enable suspicious activity alerts

What for: To change your password promptly if you get hacked.

Facebook can notify you every time your username and password are entered in a new browser or on a new device. If a stranger logs in to your account, you will be notified so that you can change your password right away. To this end, the social network will send you an e-mail or notification to a trusted device.

To enable suspicious activity alerts:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. Go to the Password & security section;
  4. Tap Get alerts about unrecognized logins;
  5. Specify how you prefer to receive suspicious activity alerts selecting one of the options:
  6. Notifications;
  7. E-mail address;
  8. Tap Save.

We recommend activating both alert channels so that you can receive warnings even if one of the channels is unavailable, for example if you lose your phone or your e-mail is hacked.


How to keep corporations out of your business

open all


Disable access to the contact list

What for: So Facebook does not know more than it needs to.

The Facebook app requests the contact list of your phone to help you locate the people you know on the social network. However, the information about your contacts is also used to create targeted ads and generate news feed. Moreover, your information is shared with third parties, which increases the risk of a leak.

To prevent Facebook from using your contact list:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Permissions section, go to Upload contacts;
  4. Disable the Upload contacts feature.

Downside: The social network will not prompt you to befriend your new acquaintances whose numbers you store in the contact list.

If such apps as Instagram, Messenger, or WhatsApp, which are owned by Facebook, have access to the contact list, this information can still be used by the social network.

Keep in mind that you have to disable access to contacts on all your devices with contact lists.

You can check which contacts are already uploaded to your accounts and remove any unwanted information here:

Limit access to location data

What for: So Facebook does not know where you go.

The Facebook app can access information about your location. This information is used to geotag your posts and stories and configure recommendations and targeted advertising. If you do not want to share your location with strangers and the social network, disable access to location data:

  1. Open Settings on your device;
  2. Go to the Privacy & security section;
  3. Open Location Services;
  4. Find Facebook in the list of apps;
  5. Select Never.

Downside: Facebook will not be able to alert your friends when you are nearby or show you nearby events. You won't receive adverts based on your current location, either.

If such apps as Instagram, Messenger, and WhatsApp, which are owned by Facebook, have access to location data, it can still be used by the social network.

Disable integration with questionable sites

What for: To prevent potential data leaks.

Many apps and websites allow users to sign in with their Facebook account. That gives the owners of such third-party services access to your publicly available information and profile-linked e-mail address. Developers that have passed a review can request permission to create posts on your behalf or send you advertising messages.

In general, logging in through Facebook can be convenient: It eliminates the need to create and memorize logins and passwords for each service. However, after logging in to a website through Facebook, we may forget we did so. As a result, the account becomes linked over time to a long list of third-party resources.

Remember that services connected to your account can become a source of data leaks or post advertising messages on your behalf. Although Facebook clears the access list automatically, we recommend manually removing any unwanted services from this list from time to time.

To see which sites and apps have access to your profile and to revoke permissions:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Permissions section, go to Apps and websites;
  4. Go through the list of applications and, in the menu of the ones you don't trust, tap Remove;
  5. To remove all content that the app or website published on your page, select Delete posts, videos or events that posted on your timeline;
  6. Tap Remove.

If you prefer not to log in through Facebook at all, disable this feature entirely:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Permissions section, go to Apps and websites;
  4. Under Apps, websites and games, tap Turn off and confirm your choice.

Downside: You will no longer be able to use your Facebook account to log in to third-party apps, games, and websites.

Restrict the use of information about your off-Facebook activity in advertising

What for: To keep Facebook from personalizing ads based on your actions on other websites and in other applications.

The social network's partners share information about your actions on their websites and in their mobile applications with Facebook. In particular, if you purchase something through a service that you logged in to with your social network account or that has the social network's analytics tools built into it, Facebook will learn that and will use information about your purchase for personalizing ads. For instance, if you have looked for a hotel in another town using a lodging search application, Facebook will show you ads for airlines that sell flights to that town. It is not just on the device that you used to search for a hotel but every other place where you are logged in.

The social network lets you find out which of your app activities it stores and restrict the use of that information for ad personalization. This is a highly useful feature: it shows just how much the company knows about your online activity. Besides, you may want to keep your visits to some of the services that share information with Facebook private, e.g. from friends who can see your Timeline.

To prevent Facebook from using information about your online activity for personalizing ads and clear the activity log:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. Go to Off-Facebook activity;
  4. If you want to clear your activity log, tap Clear History and confirm;
  5. Select Disconnect Future Activity;
  6. Disable the Future Off-Facebook Activity option and confirm.

The new settings will take effect within two days. The amount of ads will remain unchanged, but they will no longer consider your activity outside of Facebook.

Bear in mind that although Facebook will stop using that information in selecting ads, the social network will continue to receive it from partners.


How to defeat spammers and trolls

open all


Limit the ability to comment on your posts

What for: To remove irrelevant comments.

By default, all Facebook users can leave comments under your posts, an ability that spammers and trolls often abuse.

To make sure that only your friends can comment on your posts:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Followers and public content;
  4. Under Public post comments, select Friends.

You can also block the app from showing comments containing certain keywords or hashtags on your timeline. In this way you can hide offensive comments or other unwanted content. This feature can be configured only in the settings of the Facebook Web version.

Block unwanted users

What for: To avoid unpleasant people.

If you want to stop a specific user from commenting on your posts, block that user. Blocked users will not be able to view your profile, leave comments under your posts, or send you private messages. In this case, the user will not know that you blocked them.

To block a user:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Blocking;
  4. Tap on the plus icon and enter the name of the user you want to block;
  5. Tap Block and confirm your selection.

Limit the ability to tag you in posts

What for: Peace of mind.

Other Facebook users can tag you in their posts. By default, such posts appear in your timeline and your friends get notified about them. But what if somebody tags you in an offensive or fraudulent post — or if

your friends tag other people in your posts? The point is, tagging isn't always welcome.

You can limit other users' ability to tag you in their posts as well as configure the app to request your confirmation every time you get tagged:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Profile and Tagging;
  4. Tap Who can see posts you're tagged in on your profile? and select one of the options:
  5. Friends of friends;
  6. Friends;
  7. Friends except...;
  8. Only me;
  9. Go back, tap Review tags people add to your posts before the tags appear on Facebook? and activate the Review Tags on Your Posts option;
  10. Go back, tap Review posts you're tagged in before the post appears on your profile? and activate the Review Posts You're Tagged In option.

Remember that posts in which you have been tagged will still be available in search results and other Facebook sections. To delete such a tag in somebody's post:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Your information section, tap Activity log;
  4. Tap Manage tags under Activity you're tagged in;
  5. Tap the button with three dots to the right of the post you want to remove the tag from;
  6. Tap Remove Tag.

Restrict others from posting on your profile

What for: To get rid of spam.

By default, people in your friends list can post on your wall. Sometimes, such "friendly" publications are anything but good, and if any of your friends' accounts get hacked you might see lots of unwanted posts on your profile.

To limit the ability to post to your profile:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Profile and Tagging;
  4. Tap Who can post on your profile? and select Only me;
  5. Go back and tap Who can see what others post on your profile? and select Only me.


How to hide posts from unwanted people

open all


Configure visibility of posts

What for: So your posts will be seen only by those for whom they are intended.

You can choose who will see your Facebook posts. By default, they are visible to all of your friends. That can be inconvenient if you would prefer not to share your private life with some of them.

You may already have changed this setting and made your posts publicly available. Remember that information from your posts can be used against you. For example, information about your personal life can help telephone fraudsters to make up a convincing story in order to steal money from your bank accounts.

To configure the default visibility of your posts:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Posts;
  4. Tap Who can see your future posts?;
  5. Select which group of users will see your posts by default:
  • Friends — posts are visible to friends only;
  • Friends except… — posts are visible to all friends except those listed;
  • Specific friends — posts are visible to friends on the list only;
  • Only me — posts are visible to no one but you.

Remember that you can change the visibility of each individual post when publishing or after, without changing the default settings.

  1. To restrict the visibility of your post when you create it:
  2. Tap the button under your name;
  3. Choose the user group you want to see your post, and tap Done.
  4. To configure the visibility of an existing post:
  5. Tap on the three dots to the right of the post title;
  6. Select Edit privacy in the menu that appears;
  7. Choose the user group you want to see your post, and tap Done.

Earlier versions of the Facebook app for some types of devices did not include a function for restricting the visibility of posts, but you can still customize their visibility.

To make a post created in earlier versions of the application visible to only your friends:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Posts;
  4. Tap Limit who can see past posts;
  5. Tap Limit Past Posts and confirm.

Downside: Your past posts will remain visible to anyone tagged in them, and their friends.

Limit access to stories

What for: So your stories are visible only to those for whom they are intended.

Other Facebook users can see your stories and share them with their friends. So your personal information might become available to outsiders, and details from stories could be exploited by attackers.

To limit access to stories:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Stories;
  4. Tap Story privacy and select a group of users who will be able to view your stories:
  5. Friends;
  6. Custom;
  7. Hide story from...;
  8. Go back to the Stories section and select Sharing options;
  9. Under Allow others to share your public stories to their own story? and Allow people to share your stories if you mention them?, select the Don't allow option.

To limit the visibility of a story when posting it:

  1. After you select a photo or video for your story, tap Privacy in the lower left corner of the screen;
  2. Select a group of users who will be able to view your story;
  3. Tap Save.

To limit the visibility of a story already posted:

  1. Select Your story at the top of your news feed;
  2. Tap the three dots in the upper right corner of the screen;
  3. Select Edit story privacy;
  4. Select a group of users who will be able to view your story;
  5. Tap Save and confirm.

Stop users from sharing your posts in stories

What for: To keep your posts from being shared beyond the intended audience.

Other Facebook users can add your posts to their stories. This means that your posts can be viewed by people who are not among your friends. You can prevent other users from sharing your posts.

To prevent your posts being shared in stories:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Profile and Tagging;
  4. Tap Allow others to share your posts to their stories? and select No.

Keep in mind that Facebook offers other ways to share your posts. For example, users can repost them or send your post in a direct message.

Restrict access to your Reels

What for: To not share the details of your personal life with strangers.

By default, your short videos are visible to all Facebook users in the news feed, on the Watch tab, and in other sections of the social network. Information from the videos can be used by cybercriminals and trolls.

To prevent that from happening, follow these instructions:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Reels;
  4. In the Reels default audience section, select Friends or Friends except...;
  5. Tap Done.

In addition, if you post a public reel, anyone on Facebook will be able to share it in their story. If you want to prevent users from linking to your short videos in their stories, do the following:

  1. In the same settings window, under Allow others to share your reels to their stories? select No;
  2. Tap Done.

Your digital life mattersProtect it with the new Kaspersky

How to prevent your personal data from being exposed

open all


Configure visibility of your profile data

What for: To protect yourself from spammers and other shady people.

Cybercriminals can use information from your profile to do all kinds of unpleasant things. For example, they can bombard your phone with spam calls or text messages. Also, contacts from your social network profile, in combination with certain publicly available information about your life, can be a treasure trove for criminals aiming to defraud you financially. Detailed information about your job or interests helps them contrive persuasive stories.

By default, your phone number is visible to all of your friends. Friends of friends can see your date of birth. Information about your city, place of work or study is publicly available.

To hide this information:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Profile information;
  4. Set each of the items to Only me, and the information will not be visible to anyone except you.

After configuration, you can see how your profile looks to other users:

  1. Tap the menu icon in the lower right corner of the app;
  2. Under your name select See your profile;
  3. Tap the button with three dots under your profile image and select View As.

Downside: Your friends may have trouble locating your Facebook profile or contacting you by phone.

Limit visibility of subscriptions

What for: To conceal information about your interests.

By default, people, pages, and lists that you follow are visible to all users.Fraudsters can use information about your hobbies and interests to concoct more believable stories. And your employer probably doesn't need to know that you are subscribed to ten job search groups.

You can make your subscriptions visible to all or some friends, or hide them from everyone but you:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Followers and public content;
  4. Tap Who can see the people, Pages and lists you follow? and select one of the options:
  5. Friends;
  6. Friends except...;
  7. Specific friends;
  8. Only me.

Hide your status

What for: To stop showing everybody when you are online.

Facebook shows your friends when you are, or last were, online. Your ex-partners or other interested people could monitor your status and spam you with their messages when you are online.

Also, if you befriend people you don't know personally, this information could be used by an intruder to choose the best time to hack your account. By observing your status over a period of several days, they will see when you are likely to be offline and unable to respond promptly to an attack.

To stop Facebook from showing your status:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Audience and visibility section, go to Active Status;
  4. Disable the Show when you're active feature;
  5. Select Turn off in the dialog that opens.

Downside: You will also be unable to see the status of your friends.


How to get rid of unwanted notifications

open all


Turn off unnecessary notifications

What for: To avoid distractions.

By default, Facebook sends you notifications about all activities on the social network, including requests from apps, games, and nearby hangouts. If some notifications distract you, disable or mute them.

To manage the notifications:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Preferences section, go to Notifications;
  4. Select those notifications in the list that you do not wish to receive;
  5. Disable the Allow notifications on Facebook option and confirm:
  6. For some types of events, you cannot turn off all notifications with one tap. In this case disable the Push, Email and SMS options individually.

Turn off notifications from games and apps

What for: To avoid distractions.

Other users can send you invitations from games, as well as other notifications from internal Facebook apps. If such messages annoy you, turn them off. (If you previously disabled the Apps, website and games feature, you do not need to turn off notifications.)

To disable notifications from games and apps:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. In the Permissions section, go to Apps and websites;
  4. In the Game and app notifications section, tap Turn off and confirm.


How to clean up your traces

open all


Delete bank card details

What for: Not to lose money.

Facebook users can make in-app purchases, donate money to charity, or buy products, for example, on Facebook Marketplace. To this end, the social network requests and stores details of a bank card or PayPal account as a payment method.

That's convenient, but in the event of a leak or hack, your financial information could fall into the hands of cybercriminals. To avoid that, delete the information from the social network's database:

  1. Tap the menu icon in the lower right corner of the app;
  2. Tap the cogwheel in the upper right corner;
  3. Go to the Payments section. At the top of the screen, you will see a list of bank cards and PayPal accounts associated with the app;
  4. Go through them, tapping Remove Card for each:
  5. If you use a bank card or PayPal account to pay for advertising, close your advertising account in the social network before removing your payment methods.

Downside: You need a saved payment method to order ads or make purchases on Facebook. After deleting cards and accounts, you will not be able to use these options.

You can still buy goods on Facebook store pages if they process payments on their own sites.

Check the list of active sessions

What for: To prevent others from using your account for their own purposes.

Facebook records every login to your account and stores it in the list of active sessions. Imagine that you log in to your account on another device and forget to log out — in that case someone could take advantage of your forgetfulness and get their hands on your info.

To prevent this from happening, remotely close all unknown active sessions from your iOS device:

1.   Tap the menu icon in the lower right corner of the app;

2.   Tap the cogwheel in the upper right corner;

3.   Go to Password and security;

4.   Tap See all next to Where you're logged in, where all of your previous and current sessions are listed;

5.   If you see a session that seems off, select it and tap Log out.


What would have happened if you had chosen another privacy level?


Also recommended

Main / Facebook privacy settings on iPhone: Medium level
Privacy level
?

Relaxed

Basic privacy settings, maximum convenience.


Medium

A golden mean respecting privacy matters but preserving convenience.


Tight

A choice of security over convenience; instructions contain a lot of details.

Relaxed
Medium
Tight
Platform
Windows
Mac
iPhone
Android
What are we setting up here?
Instagram
Facebook
WhatsApp
TikTok
X(Twitter)
Youtube
Telegram
Google
Skype
LinkedIn
VK
iOS
Chrome
Safari
Firefox
Edge
Apply