Facebook for Windows users: Medium privacy set

Change settigns
Privacy level
Choose
Platform
Choose
What are we setting up here?
Choose
ApplyCancel

How to protect your account from getting hacked

open all
Set a strong password

What for: So you don’t get hacked.

If you use a short, simple password for your Facebook account, cybercriminals can brute-force it and hijack your account. The longer and more complex your password, the less likely they are to succeed. Use a strong password that:

  • Consists of 8–20 characters,
  • Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.),
  • Is not an actual word or easy-to-guess phrase,
  • Is not the same as your passwords for any other accounts,
  • Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, etc., or those of your relatives and friends).

To change your password:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Security and Login in the menu on the left.
  4. Click Edit to the right of Change password.
  5. Enter your current Facebook password.
  6. Enter a new strong password twice.
  7. Click Save Changes.

Enable two-factor authentication

What for: So you’re even less likely to get hacked.

Facebook can be configured to request a one-time code when you log in to your account. That way, even if cybercriminals learn your username and password, they will not be able to use them. The code is sent by SMS to your specified phone number or generated by an app (for example, Google Authenticator).

To enable two-factor authentication:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Security and Login in the menu on the left.
  4. Click Edit to the right of Use two-factor authentication.
  5. If you see a warning about being redirected to another page, confirm this action.
  6. Enter the current password for your Facebook account.
  7. Click Get Started and choose a method for receiving the one-time code:
  8. By SMS to the phone number linked to your Facebook account or another number (for example, a SIM card on another device).
  9. Click Next. If you don’t have a phone number linked to your Facebook account, you will be asked to provide it and click Next. If a phone number is not linked to your Facebook account, you will have to enter it and click Next.
  10. In the window that opens, enter the code that Facebook sends to the phone number associated with the account and click Next.
  11. A code generated by another app, such as Google Authenticator.
  12. To activate two-factor authentication using the app, start it and follow the on-screen instructions.

Remember that a text message with the code can be intercepted by malware, which is why using a two-factor authentication app is a safer option. Facebook can also use the phone number you linked to your profile for targeted advertising.

With two-factor authentication, you can log in to your account even if you lose your phone. For that, you need to get recovery codes. To do so:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Security and Login in the menu on the left.
  4. Click Edit next to Use two-factor authentication.
  5. Some browsers may warn you about being redirected to another page. Confirm this action.
  6. Enter the current password for your Facebook account.
  7. Click Setup next to Recovery Codes.
  8. Click Get Codes.

Each of the ten codes can be used only once. Write them down or take a screenshot of them, and keep the information in a safe place.

Verify the list of trusted devices

What for: So nobody can log in to your account on your old phone.

By default, Facebook considers all devices from which you have logged in before as trusted. When you sign in on them, a one-time code is not requested. If your old phone falls into cybercriminal hands, they will be able to log in to your account bypassing two-factor authentication. To avoid this, include only devices that you currently use in the trusted list.

To do so:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Security and Login in the menu on the left.
  4. Click View next to Authorized Logins.
  5. Check the boxes next to devices that you do not use, and click Remove.

If necessary, you can still log in to Facebook from any device using two-factor authentication.

Enable suspicious activity alerts

What for: To change your password promptly if you get hacked.

Facebook can notify you every time your username and password are entered in a new browser or on a new device. If someone else signs in to your account, you will be notified immediately by e-mail or alert on a trusted device. In this way you can react promptly and change the password.

To enable suspicious activity alerts:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Security and Login in the menu on the left.
  4. Click Edit next to Get alerts about unrecognized logins.
  5. Specify how you prefer to receive suspicious activity alerts selecting one of the options:
  6. Facebook notification,
  7. Messenger,
  8. E-mail address.

We recommend activating all three to receive alerts even if one of the channels is unavailable; for example, if you lose your phone or your e-mail is hacked.


How to keep corporations out of your business

open all
Disable integration with questionable sites

What for: To prevent potential data leaks.

Many apps and websites allow users to sign in with their Facebook account. This gives the owners of such third-party services access to your publicly available information and profile-linked e-mail address. Developers that have passed a review can request permission to create posts on your behalf or send you advertising messages.

In general, logging in through Facebook can be convenient: It eliminates the need to create and memorize logins and passwords for each service. However, after logging in to a website through Facebook, we may forget we did so. As a result, the account becomes linked over time to a long list of third-party resources.

Remember that services connected to your account can become a source of data leaks or post advertising messages on your behalf. Although Facebook clears the access list automatically, we recommend manually removing any unwanted services from this list from time to time.

To see which sites and apps have access to your profile and to revoke permissions:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Apps and Websites in the menu on the left.
  4. Under Data Access: Active — Active Apps and Websites, check the boxes next to the names of those apps or websites that you do not trust, and click Remove.
  5. In the window that opens, also check the box opposite Also delete all posts, photos and videos on Facebook that <app name> may have published on your behalf and click Remove.
  6. Click Done.

If you prefer not to log in through Facebook at all, you can disable this feature entirely:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Apps and Websites in the menu on the left.
  4. Click Edit under Apps, Websites and Games.
  5. Click Turn Off.

Restrict the use of information about your off-Facebook activity in advertising.

What for: to keep Facebook from personalizing ads based on your activity on other websites and in other applications.

The social network’s partners share information about your activity on their websites and in their applications with Facebook. In particular, if you purchase something through a service that you logged in to with your social network account or that has the social network’s analytics tools built into it, Facebook will learn that and will use information about your purchase for personalizing ads. For instance, if you have looked for a hotel in another town using a lodging search application, Facebook will show you ads for airlines that sell flights to that town. It is not just on the device that you used to search for a hotel but every other place where you are logged in.

The social network lets you find out which of your activities it follows and restrict the use of that information for ad personalization. This is a highly useful feature: it shows just how much the company knows about your online activity. Besides, you may want to keep your visits to some of the services that share information with Facebook private, e.g. from friends who can see your Timeline.

To prevent Facebook from using information about your online activity for personalizing ads and clear the activity log:

  1. Tap the menu icon in the upper right corner of the app.
  2. Select Settings & Privacy.
  3. Open Settings.
  4. Go to Off-Facebook Activity.
  5. If you want to clear your activity log, tap Clear History and confirm.
  6. Tap the three dots in the upper right corner of the screen.
  7. Select Manage Future Activity.
  8. Tap Manage Future Activity.
  9. Toggle off the Future Off-Facebook Activity option and confirm.

Here, too, you can view and download your account data.

The new settings will take effect within two days. The amount of ads will remain unchanged, but they will no longer consider your activity outside of Facebook.

Bear in mind that although Facebook will stop using that information in selecting ads, the social network will continue to receive it from partners.

Downside: you will no longer be able to log in to websites and applications with your Facebook account.

If you have logged in to third-party service with your social network account before, you may be kicked out of your account with the service. You will lose access to the data in the service including accumulated discounts, game achievements, etc.

Block face recognition

What for: To stop Facebook from looking for you in every photo.

Facebook can locate you in photos and videos by using face recognition. To this end, the social network analyzes your photos and creates a search template.

When one of your Facebook friends uploads a photo of you, the social network may suggest tagging you. If the photo of you is uploaded without a tag, Facebook will prompt you to check and confirm whether you are in the photo. You will also get a notification if somebody pretends to be you and uses your photo as a profile image.

According to Facebook, its face recognition technology is intended for convenience and safety and cannot be abused. However, not all people like the idea of being watched.

To disable face recognition:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Face Recognition in the menu on the left.
  4. Click Edit next to Face Recognition.
  5. Select No in the drop-down list.
  6. Click Close.

Downside: Disabling the face recognition function does not mean that you will no longer be tagged in photos. It’s just that now, anyone wanting to tag you will have to do so manually. If you disable face recognition, Facebook will remove the template with your biometric data, and your friends will not receive notifications prompting them to tag you in photos. You will also stop receiving notifications whenever somebody posts your photo without tagging you, which means that you will not be alerted right away if strangers use your photos as their own.

You can view the list of photos in which you are already tagged in the activity log.


How to defeat spammers and trolls

open all
Block unwanted users

What for: To avoid unpleasant people.

If you want to stop a specific user from commenting on your posts, you can block that user. Blocked users will not be able to view your profile, leave comments under your posts, or send you private messages. In this case, the user will not know that you blocked them.

To block a user:

  1. Open the profile of the user.
  2. Click the button with three dots in the lower right corner of the profile cover photo.
  3. Select Block in the drop-down menu.
  4. Click Confirm.

Limit the ability to tag you in posts

What for: Peace of mind.

Other Facebook users can tag you in their posts. By default, such posts appear in your timeline, and your friends get notified about them. But what if somebody tags you in an offensive or fraudulent post — or if your friends tag other people in your posts? The point is, tagging isn’t always welcome.

You can limit other users’ ability to tag you in their posts as well as configure the app to request your confirmation every time you get tagged.

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Timeline and Tagging in the menu on the left.
  4. Click Edit next to Who can see posts you're tagged in on your timeline? and select one of the options:
  5. Friends of friends
  6. Friends
  7. Friends except...
  8. Specific friends
  9. Only me
  10. Custom
  11. Click Edit next to Who can see posts you're tagged in? and select one of the options:
  12. Friends
  13. Only me
  14. Custom
  15. Click Edit next to Review tags people add to your posts before the tags appear on Facebook? and select Enabled in the drop-down list.
  16. Click Edit next to Review posts you're tagged in before the post appears on your timeline? and select Enabled in the drop-down list.

Remember that posts in which you have been tagged will still be available in search results and other Facebook sections. To delete such a tag in somebody's post:

  1. Click the button with your name at the top of the screen to view your profile.
  2. Select Activity Log to the right of your name.
  3. In the menu on the left, select Posts You're Tagged In.
  4. Click the pencil icon to the right of the post in which you are tagged.
  5. Click Report/Remove Tag and select any reason for the report. In some cases you may need to specify the reason and click Continue again.
  6. Select Remove Tag in the window that opens. You can also block the user who tagged you or unfriend him or her by selecting an appropriate item in the list.
  7. Click Done.
  8. In the menu on the left, select Photos and Videos.
  9. In the list that appears, select Photos You're Tagged In.
  10. Click Report/Remove Tag and select any reason for the report. In some cases you may need to specify the reason and click Continue again.
  11. Select Remove Tag in the window that opens. You can also block the user who tagged you or unfriend him or her by selecting an appropriate item in the list.
  12. Click Done.

Limit the ability to send you friend requests

What for: To fend off bothersome users.

By default, all Facebook users can send you friend requests. Spammers and fraudsters sometimes abuse this feature. Having lots of requests from unknown people is bound to get on your nerves.

To limit the list of users who can send you friend requests:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Privacy in the menu on the left.
  4. Click Edit next to Who can send you friend requests? and select Friends of friends in the drop-down list.

Downside: Your acquaintances will have a hard time locating your Facebook profile unless they are friends of your friends.

Limit the ability to comment on your posts

What for: To remove irrelevant comments.

By default, all Facebook users can leave comments under your posts, an ability that spammers and trolls often abuse.

To make sure that only your friends can comment on your posts:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Public Posts in the menu on the left.
  4. Click Edit next to Public Post Comments.
  5. Select Friends in the drop-down list.

Exclude offensive comments from your timeline

You can block comments containing certain words or hashtags from appearing on your timeline. In this way you can hide offensive comments or other unwanted content.

To configure the filter:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Timeline and Tagging in the menu on the left.
  4. Click Edit next to Hide comments containing certain words from your timeline.
  5. Specify words or phrases you want to exclude from comments on your timeline and click Add. You can use emoji and type several words or phrases, separating them with commas.
  6. Click Save Changes.

Note: Comment authors and their friends will still see the words on your stop list.


How to hide posts from unwanted people

open all
Configure visibility of posts

What for: So your posts will be seen only by those for whom they are intended.

You can choose who will see your Facebook posts. By default, they are visible to all of your friends. That can be inconvenient if you would prefer not to share your private life with some of them.

You may already have changed this setting and made your posts publicly available. Remember that information from your posts can be used against you. For example, information about your personal life can help telephone fraudsters craft a convincing story to fool you into giving them access to your bank account.

You can choose the following access settings for your posts:

  • Public — posts are visible to any Facebook user and visitors of your profile who are not registered social network users.
  • Friends — posts are visible only to users on your friend list.
  • Friends except… — posts are visible to all users on your friend list except those you have chosen to exclude.
  • Specific friends — you can configure a list of friends who will see your posts.
  • Only me — posts are visible to no one but you.
  • Custom — posts are visible to a custom list of Facebook users that may include both friends and users who do not follow you.

To configure the default visibility of your posts:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Privacy in the menu on the left.
  4. Click Edit next to Who can see your future posts?
  5. In the drop-down menu, specify the group of users who will see your posts by default. To view all menu items, click See All.

Remember that you can still override the general settings and change the visibility of each post when you publish it or later.

  1. To restrict the visibility of your post when you create it:
  2. Open the drop-down menu next to News Feed or Your Story.
  3. Specify the group of users who will see your post. To view all menu items, click See All.
  4. To configure the visibility of an existing post:
  5. Click the button with three dots to the right of the post title.
  6. Select Edit post.
  7. In the drop-down menu to the left of the Save button, specify the group of users who will see your post. To view all menu items, click See All.
  8. Click Save.

You can also restrict the visibility of all existing posts by making them visible to friends only. To do so:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Privacy in the menu on the left.
  4. Click Limit Past Posts on the right under Your Activity.
  5. Click Limit Past Posts.
  6. In the window that opens, click Limit Past Posts.

Note that people you mention or tag in a post will see it even if you set the Only me option.

Limit access to stories

What for: So your stories are visible only to those for whom they are intended.

Other Facebook users can see your stories and share them with their friends, so your personal information might become available to outsiders, and details from stories could be exploited.

You can set the following levels of story visibility:

  • Public — any Facebook or Messenger user can view your stories.
  • Friends and connections — only your Facebook friends and Messenger contacts can view your stories.
  • Friends — only your Facebook friends can view your stories.

To limit access to stories:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Stories in the menu on the left.
  4. Click Edit next to Allow others to share your public stories to their own story? and select Don’t allow in the drop-down list.
  5. Click Edit next to Allow people to share your stories if you mention them? and select Don’t allow in the drop-down list.

To limit the visibility of your story when you create it:

  1. Open the drop-down menu next to Your Story.
  2. Specify the group of users who will see your story.

Stop users from sharing your posts in stories

What for: To prevent your posts from getting shared beyond the intended audience.

Other Facebook users can add your posts to their stories. That means people other than your friends can see your posts. You can prevent other users from sharing your posts.

To prevent your posts being shared in stories:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Timeline and Tagging in the menu on the left.
  4. Click Edit next to Allow others to share your posts to their own story? and select Disabled in the drop-down list.

Keep in mind that Facebook offers other ways to share your posts. For example, users can repost them or send your post in a direct message.


How not to expose your personal data

open all
Configure visibility of your profile data

What for: To protect yourself from spammers and other shady people.

Cybercriminals can use information from your profile to do all kinds of unpleasant things. For example, they can bombard your phone with spam calls or text messages. Also, contacts from your social network profile in combination with certain publicly available information about your life can be a treasure trove for bad actors who can try to defraud you financially. Detailed information about your job or interests helps them contrive persuasive stories.

By default, your phone number is visible to all of your friends. Friends of your friends can see your date of birth. Meanwhile, information about your city, place of study, and work is public.

To hide this information:

  1. Click the button with your name at the top of the screen to view your profile.
  2. Select About in the menu under the profile cover photo.
  3. Edit the visibility of your personal details by clicking Edit text that appears when you hover the mouse pointer over every item and selecting Only me in the drop-down list. Use the menu on the left to navigate sections with your information.

After configuration, you can see how your profile looks to other users. To do so:

  1. Open your profile.
  2. Click three dots in the lower right corner of the cover photo.
  3. Select View As.

Downside: Your friends may have trouble locating your Facebook profile or contacting you by phone.

Restrict the visibility of your subscriptions

What for: To conceal information about your interests.

By default, the people, pages, and lists you follow are visible to all users. Fraudsters can use information about your hobbies and interests to concoct more believable stories. And your employer probably doesn’t need to know that you are subscribed to ten job search groups.

You can make your subscriptions visible to all or some friends, or hide them from everyone but you. To do so:

  1. Click the button with your name at the top of the screen to view your profile.
  2. Select Friends in the menu under the profile cover photo.
  3. Click the pencil to the right of the +Find Friends button.
  4. Click Edit Privacy.
  5. Click the button to the right of Who can see the people, pages and lists you follow? and select one of the options:
  6. Friends
  7. Friends except...
  8. Specific friends
  9. Only me
  10. Custom

Hide your status

What for: To stop showing everybody when you are online.

Facebook shows your friends when you are, or last were, online. That means your ex-partners, for example, or other interested people could monitor your status and spam you with their messages when you are online.

Also, if you friend people you don’t know personally, this information could be used by an intruder to choose the best time to hack your account. By observing your status over a period of several days, they will see when you are likely to be offline and unable to respond promptly to an attack.

To stop Facebook from showing your status:

  1. Click the icon with the image of small cog wheel on the chat panel (it is usually located in the right part of the screen).
  2. In the menu that opens, select Turn Off Active Status.
  3. Select the Turn off active status for all contacts item and click Okay.
  4. Downside: You will also be unable to see the status of your friends.


How to get rid of unwanted notifications

open all
Turn off unnecessary notifications

What for: To avoid distractions.

By default, Facebook shows you notifications about all social network activities, including game and app alerts and information about nearby hangouts. If some notifications distract you, disable or mute them.

To manage the notifications:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Notifications in the menu on the left.
  4. In the What Notifications You Receive section, select the listed notifications that you do not wish to receive and turn off the Allow notifications on Facebook feature.
  5. Some types of notifications don’t have a single switch; turn off Push, Email, and SMS switches separately.
  6. To mute notifications, select Browser in the How You Get Notifications section.
  7. Turn off the Play a sound when each new notification is received toggle switch or the Play a sound when a message is received toggle switch.

Turn off notifications from games and apps

What for: To avoid distractions.

Other users can send you invitations from games, as well as other notifications from internal Facebook apps. If such messages annoy you, turn them off.

To disable notifications from games and apps:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Apps and Websites in the menu on the left.
  4. Click Edit under Game and App Notifications.
  5. Click Turn Off.


How to clean up your traces

open all
Disable and remove the location history

Why: So nobody finds out where you are or where you’ve been.

If you use Facebook on a mobile device, the app is likely to have access to location data. As a result, information about your movements is stored in the location history. Remove it to keep your whereabouts private.

To clear the history of your locations:

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Location in the menu on the left.
  4. Click View your Location History. You may need to re-enter your password. You may need to enter your password again.
  5. Click the button with three dots in the upper right corner of the screen and select Delete all Location History.

Select Delete all Location History.

After removing the location history, remember to deny Facebook access to the location of your mobile device. To do so, follow the instructions on how to configure the iOS or Android app.

If such apps as Instagram, Messenger, and WhatsApp, which are owned by Facebook, have access to location data, then the social network can still use that information.

Delete bank card details

What for: To avoid losing money.

Facebook users can make in-app purchases, order ads on the social network, donate money to charity, or buy products, for example, on Facebook Marketplace. To this end, the social network requests and stores details of a bank card or PayPal as a method of payment.

That’s convenient, but in the event of a leak or hack, your financial information could fall into the hands of cybercriminals. To avoid this, delete it from the social network database.

  1. Click the down arrow in the upper right part of the screen.
  2. Open Settings.
  3. Select Payments in the menu on the left.
  4. Go to the Account Settings tab. Under Payment Methods, you will see a list of bank cards and PayPal accounts linked to your Facebook account.
  5. Select one item at a time and click Remove.
  6. If you use a bank card to pay for advertising, you will first need to close the advertising account in the social network to delete it.

Downside: You need a saved payment method to order ads or make purchases on Facebook. After deleting cards and accounts, you will not be able to use these options.

You can still buy goods on Facebook store pages if they process payments on their own sites.

Privacy level
?

Relaxed

Basic privacy settings, maximum convenience.


Medium

A golden mean respecting privacy matters but preserving convenience.


Tight

A choice of security over convenience; instructions contain a lot of details.

Relaxed
Medium
Tight
Platform
Windows
Mac
iPhone
Android
What are we setting up here?
Instagram
Facebook
TikTok
WhatsApp
VK
Twitter
Skype
Windows 7
Windows 10
Apply