Facebook privacy settings on iPhone: Medium level

What for: So you don’t get hacked.

If you use a short and simple password for your Facebook account, cybercriminals can guess it and hijack your account. A long and complex password is more secure. Use a strong password that:

• Is at least 8 characters long;
• Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
• Is not an actual word or easy-to-guess phrase;
• Is not the same as for any other account, including your Apple ID password;
• Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).

To change your password:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Password and security section;
5. Tap Change password;
6. Enter your current Facebook password;
7. Enter a new strong password twice;
8. Tap Update password.

What for: So you definitely don’t get hacked.

Facebook can be configured to request a one-time code when you log in to your account. That way, even if cybercriminals learn your username and password, they will not be able to use them. The code is sent by SMS to your specified phone number or generated by an app (for example, Google Authenticator).

To enable two-factor authentication:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Password and security section;
5. Tap Use two-factor authentication;
6. Select a one-time code retrieval method:
7. Authentication App
8. Text Message (SMS)

Remember that a text message with the code can be intercepted by malware, which is why using a two-factor authentication app is a safer option. Facebook can also use the phone number you linked to your profile for targeted advertising.

With two-factor authentication, you can log in to your account even if you lose your phone. For that, you need the recovery codes. To get them:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Password and security section;
5. Tap Use two-factor authentication;
6. Select Recovery codes;
7. Tap the Show codes button.

Each of the ten codes can be used only once. Write them down or take a screenshot of them, and keep the information in a safe place.

What for: So nobody can log in to your account on your old phone.

By default, Facebook trusts any devices from which you previously logged in to the social network. When signing in on them, a one-time code is not requested. If your old phone ends up in the hands of strangers, they will be able to log in to your account bypassing two-factor authentication. To avoid this, include only devices that you currently use in the trusted list:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Password and security section;
5. Tap Authorised logins;
6. Remove the ones you don’t use from the list of trusted devices.

If necessary, you can still log in to Facebook from any device using two-factor authentication.

What for: To change your password promptly if you get hacked.

Facebook can notify you every time your username and password are entered in a new browser or on a new device. If a stranger logs in to your account, you will be notified so that you can change your password right away. To this end, the social network will send you an e-mail or notification to a trusted device.

To enable suspicious activity alerts:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Password and security section;
5. Tap Get alerts about unrecognised logins;
6. Specify how you prefer to receive suspicious activity alerts selecting one of the options:
7. Notifications;
8. Messenger;
9. Email address;
10. Tap Save.

We recommend activating all three alert channels so that you can receive warnings even if one of the channels is unavailable, for example if you lose your phone or your e-mail is hacked.

What for: So Facebook does not know more than it needs to.

The Facebook app requests the contact list of your phone to help you locate the people you know on the social network. However, the information about your contacts is also used to create targeted ads and generate news feeds. Moreover, your information is shared with third parties, which increases the risk of a leak.

To prevent Facebook from using your contact list:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Select Upload contacts;
5. Disable the Upload contacts feature.

Downside: The social network will not prompt you to add your new acquaintances whose numbers you store in the contact list as your new friends.

If such apps as Instagram, Messenger or WhatsApp, which are owned by Facebook, have access to the contact list, this information can still be used by the social network.

Keep in mind that you have to disable access to contacts on all your devices with contact lists.

You can check which contacts are already uploaded to your accounts and remove any unwanted information here:

• Facebook https://www.facebook.com/mobile/facebook/contacts/?tab=contacts
• Messenger https://www.facebook.com/mobile/messenger/contacts/
• Instagram https://www.instagram.com/accounts/contact_history/

What for: So Facebook does not know where you go.

The Facebook app can access information about your location. This information is used to geotag your posts and stories and configure targeted advertising suggestions. If you do not want to share your location with strangers and the social network, you can disable access to location data.

To disable geodata transfer:

1. Open Settings on your device;
2. Go to the Privacy section;
3. Open Location Services;
4. Find Facebook in the list of apps;
5. Select Never.

Bear in mind that the Facebook geodata log stores your locations harvested before access is disabled. You can turn off this feature and delete the collected data:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Access Your Information section;
5. Tap Logged Information;
6. Tap Location History. If necessary, enter your password;
7. Tap the three-dot button in the upper right corner of the screen, and go to Location Settings;
8. Disable the Location History feature;
9. Tap View Your Location History; If necessary, enter your Facebook password;
10. Tap the three-dot button in the upper right corner of the screen;
11. Select Delete all location history and confirm.

Downside: Facebook will not be able to alert your friends when you are nearby or show you nearby events. You won’t see location-based advertising, either.

If such apps as Instagram, Messenger, and WhatsApp, which are owned by Facebook, have access to location data, it can still be used by the social network.

What for: To stop Facebook from looking for you in every photo.

Facebook can locate you in photos and videos by using face recognition. To this end, the social network analyzes your photos and creates a search template.

When one of your friends uploads a photo of you, Facebook may suggest tagging you. You will also receive a notification when a photo of you has been uploaded. Also, face recognition can be used to protect your account from getting duplicated.

According to Facebook, its face recognition technology is intended for convenience and safety https://www.facebook.com/help/122175507864081 and cannot be abused. However, not all people like the idea of being watched.

To disable face recognition:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Scroll down to the Permissions section;
5. Go to the Face recognition section;
6. Tap Do you want Facebook to be able to recognise you in photos and videos?;
7. Select No.

Downside: Disabling the face recognition function does not mean that you will no longer be tagged in photos. It’s just that now, anyone wanting to tag you will have to do so manually. If you disable face recognition, Facebook will remove the template with your biometric data, and your friends will not receive notifications prompting them to tag you in photos. You will also stop receiving notifications whenever somebody posts your photo without tagging you, which means you will not be alerted right away if strangers use your photos as their own.

You can view the list of photos in which you are already tagged in the activity log.

What for: To prevent potential data leaks.

Many apps and websites allow users sign in with their Facebook account. That gives the owners of such third-party services access to your publicly available information and profile-linked e-mail address. Developers that have passed a review can request permission to create posts on your behalf or send you advertising messages.

In general, logging in through Facebook can be convenient: It eliminates the need to create and memorize logins and passwords for each service. However, after logging in to a website through Facebook, we may forget we did so. As a result, the account becomes linked over time to a long list of third-party resources.

Remember that services connected to your account can become a source of data leaks or post advertising messages on your behalf. Although Facebook clears the access list automatically, we recommend manually removing any unwanted services from this list from time to time.

To see which sites and apps have access to your profile and to revoke permissions:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Select Settings;
4. Go to the Apps and Websites section;
5. Select the names of those apps you do not trust;
6. Tap Remove. A dialog box opens;
7. To remove all content that the app or website published on your page, select Delete posts, videos or events that these apps posted on your timeline;
8. Tap Remove.

If you prefer not to log in through Facebook at all, you can disable this feature entirely:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Apps and Websites section;
5. Find Apps, websites and games;
6. Tap Turn off.

What for: To keep Facebook from personalizing ads based on your actions on other websites and in other applications.

You cannot manage your off-Facebook activity in the iOS app. To deny advertisers access to this information, follow the instructions for the Web version.

What for: To remove irrelevant comments.

By default, all Facebook users can leave comments under your posts, an ability that spammers and trolls often abuse.

To make sure that only your friends can comment on your posts:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Followers and public content section;
5. Under Public post comments, select the check mark next to Friends.

You can also block the app from showing comments containing certain keywords or hashtags on your timeline. In this way you can hide offensive comments or other unwanted content. This feature can be configured only in the settings of the Facebook Web version.

What for: To avoid unpleasant people.

If you want to stop a specific user from commenting on your posts, you can block that user. Blocked users will not be able to view your profile, leave comments under your posts, or send you private messages. In this case, the user will not know that you blocked them.

To block a user:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Blocking section;
5. Tap Add to blocked list;
6. Type a name of user you want to block;
7. Tap Block and confirm your selection.

What for: Peace of mind.

Other Facebook users can tag you in their posts. By default, such posts appear in your timeline and your friends get notified about them. But what if somebody tags you in an offensive or fraudulent post — or if

your friends tag other people in your posts? The point is, tagging isn’t always welcome.

You can limit other users’ ability to tag you in their posts as well as configure the app to request your confirmation every time you get tagged:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Profile and tagging section;
5. Tap Who can see posts you're tagged in on your profile? and select one of the options:
6. Friends of friends;
7. Friends;
8. Friends except...;
9. Specific friends;
10. Only me;
11. Tap Review tags that people add to your posts before the tags appear on Facebook? and turn on the toggle switch next to Review tags on your posts;
12. Tap Review posts that you're tagged in before the post appears on your profile? and turn on the toggle switch next to Review posts you’re tagged in.

Remember that posts in which you have been tagged will still be available in search results and other Facebook sections. To delete such a tag in somebody's post:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Activity log section;
5. Select Activity you’re tagged in and tap Posts and comments you’re tagged in;
6. Tap the button with three dots to the right of the post;
7. Select Report Tag and confirm your selection. You can specify a reason for the report;
8. Tap Remove tag and confirm your selection.

What for: To get rid of spam.

By default, people in your Friends list can post on your wall. Sometimes, such “friendly” publications are anything but good, and if any of your friends gets your account hacked you might see lots of unwanted posts on your profile.

To limit the ability to post to your profile:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Profile and tagging section;
5. Tap Who can post on your profile? and select Only me;
6. Tap Who can see what others post on your profile? and select Only me.

What for: To fend off bothersome users.

By default, Facebook allows all users to send you friend requests. Spammers and fraudsters sometimes abuse this feature. Having lots of requests from unknown people is bound to get on your nerves.

To limit the list of users who can send you friend requests:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the How people find and contact you section;
5. Tap Who can send you friend requests? and select Friends of friends.

Downside: Your acquaintances will have a hard time locating your Facebook profile unless they are friends of your friends.

What for: So your posts will be seen only by those for whom they are intended.

When you create a new post, you can choose who will see it on Facebook. By default, they are visible to all of your friends. That can be inconvenient if you would prefer not to share your private life with some of them.

You may already have changed this setting and made your posts publicly available. Remember that information from your posts can be used against you. For example, information about your personal life can help telephone fraudsters to make up a convincing story in order to steal money from your bank accounts.

You can choose the following access settings for your posts:

• Public — posts are visible to all Facebook users and visitors to your page who are not registered on the social network;
• Friends — posts are visible to friends only;
• Friends except… — posts are visible to all friends except those listed;
• Specific friends — posts are visible to friends on the list only;
• Only me — posts are visible to no one but you.

To configure the default visibility of your posts:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Posts section;
5. Select Who can see your future posts;
6. Specify which group of users shall see your posts by default.

Remember that you can still override the general settings and change the visibility of each post when publishing it or later.

A. To restrict the visibility of your post when you create it:

1. Tap the button under your name;
2. Choose the user group you want to see your post.

B. To configure the visibility of an existing post:

1. Tap the three-dot button to the right of the post title;
2. Select Edit Privacy in the menu that opens;
3. Choose the user group you want to see your post.

Earlier versions of the Facebook app for some types of devices did not include a function for restricting the visibility of posts, but you can still customize their visibility.

To restrict the visibility of posts created in older versions of the app:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Posts section;
5. Tap Limit who can see past posts;
6. Specify which group of users shall see your posts by default.

What for: So your stories are visible only to those for whom they are intended.

Other Facebook users can see your stories and share them with their friends, so your personal information might become available to outsiders, and details from stories could be exploited.

You can set the following visibility levels of Facebook stories:

• Public — any Facebook or Messenger user can view your stories;
• Friends — only your Facebook friends can view your stories;
• Custom — your stories are visible only to Facebook users on this list.

To configure the default visibility of your stories:

1. Tap the menu icon in the lower right corner of the app.
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Stories section;
5. Tap Story Privacy;
6. Select a group of users who will be able to view your stories;
7. Tap Change;
8. Go back to the Stories section and select Sharing options;
9. Tap Don’t allow.

To limit the visibility of a story when you post it:

1. After choosing a photo or video for your story, tap Privacy in the lower left corner of the screen;
2. Select a group of users who will be able to view your story;
3. Tap Save.

To limit the visibility of a story already posted:

1. Select Your story at the top of your news feed;
2. Tap the three-dot button in the upper right corner of the screen;
3. Select Edit Story Privacy;
4. Select a group of users who will be able to view your story;
5. Tap Save.

What for: To keep your posts from being shared beyond the intended audience.

Other Facebook users can add your posts to their stories. That means people other than your friends can see your posts. You can prevent other users from sharing your posts.

To prevent your posts being shared in stories:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Profile and tagging section;

Tap Allow others to share your posts to their story? and check the box next to No.

Keep in mind that Facebook offers other ways to share your posts. For example, users can repost them or send your post in a direct message.

What for: To protect yourself from spammers and other shady people.

Cybercriminals can use information from your profile to do all kinds of unpleasant things. For example, they can bombard your phone with spam calls or text messages. Also, contacts from your social network profile in combination with certain publicly available information about your life can be a treasure trove for bad actors who can try to defraud you financially. Detailed information about your job or interests helps them contrive persuasive stories.

By default, your phone number is visible to all of your friends. Friends of friends can see your date of birth. Information about your city, place of work or study is publicly available.

To hide this information:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Profile information section;
5. Set the visibility of each personal information item to Only me.

After configuration, you can see how your profile looks to other users:

1. Tap the menu icon in the lower right corner of the app;
2. Under your name select See your profile;
3. Tap the three dots icon next to your name and select View as.

Downside: Your friends may have trouble locating your Facebook profile or contacting you by phone.

What for: To conceal information about your interests.

By default, people, pages, and lists that you follow are visible to all users. Fraudsters can use information about your hobbies and interests to concoct more believable stories. And your employer probably doesn’t need to know that you are subscribed to ten job search groups.

You can make your subscriptions visible to all or some friends, or hide them from everyone but you:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Followers and public content section;
5. Tap Who can see the people, Pages and lists you follow? and select one of the options:
6. Friends;
7. Friends except...;
8. Specific friends;
9. Only me.

What for: To stop showing everybody when you are online.

Facebook shows your friends when you are, or last were, online. Your ex-partners or other interested people could monitor your status and spam you with their messages when you are online.

Also, if you friend people you don’t know personally, this information could be used by an intruder to choose the best time to hack your account. By observing your status over a period of several days, they will see when you are likely to be offline and unable to respond promptly to an attack.

To stop Facebook from showing your status:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Active Status section;
5. Disable the Show when you're active feature;
6. Select Turn off in the dialog that opens.

Downside: You will also be unable to see the status of your friends.

What for: To avoid distractions.

By default, Facebook shows you notifications about all social network activities, including game and app alerts and information about nearby hangouts. If some notifications distract you, disable or mute them.

To manage the notifications:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Notifications section;
5. Select the listed types of events that you do not wish to be notified about and disable the Allow notifications on Facebook feature:
6. For some types of events, all notifications cannot be disabled with a single tap. In this case turn off the Push, Email and SMS toggle switches individually.

What for: To avoid distractions.

Other users can send you invitations from games, as well as other notifications from internal Facebook apps. If such messages annoy you, turn them off.

To disable notifications from games and apps:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Apps and Websites section;
5. In the Games and app notifications section, select Turn Off and confirm.

What for: Not to lose money.

Facebook users can make in-app purchases, order ads on the social network, donate money to charity, or buy products, for example, on Facebook Marketplace. To this end, the social network requests and stores details of a bank card or PayPal as a payment method.

That’s convenient, but in the event of a leak or hack, your financial information could fall into the hands of cybercriminals. To avoid that, delete the information from the social network’s database.

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Go to the Payments section; Select Facebook Pay and Ads payments; At the top of the screen, you will see a list of bank cards and PayPal accounts associated with the app;
5. Go through them, tapping Remove Card for each:
6. If you use a bank card or PayPal to pay for advertising, close your advertising account in the social network before removing it.

Downside: You need a saved payment method to order ads or make purchases on Facebook. After deleting cards and accounts, you will not be able to use these options.

You can still buy goods on Facebook store pages if they process payments on their own sites.

What for: To view what data Facebook has on you, remove the data you don’t need, and back up the data you want.

You can view and download all of the information Facebook stores about you. Information about posts, comments, likes, and other actions is kept in the activity log.

To view and download the log:

1. Tap the menu icon in the lower right corner of the app;
2. Select Settings & Privacy;
3. Open Settings;
4. Scroll down to the Access Your Information section;
5. Tap the download your information link. You can select individual data types, as well as set the time interval, file format and media quality (using the options at the bottom of the screen);
6. Tap Create file to download an archive with your Facebook information.

The only option Facebook offers to delete the information it harvested is to delete the relevant account.

However, if you are a citizen of the European Union, you can demand that Facebook remove your data pursuant to Article 17 of the General Data Protection Regulation (GDPR). The company is obligated to take steps to remove that information even if the data has been transferred to third parties and is stored by them. Within a month, the social network will send you a progress report or the reason why your request has been denied (the list of possible reasons appears in Part 3 of Article 17 of the GDPR).