Facebook privacy settings on Windows: Relaxed level

What for: So you don’t get hacked.

If you use a short, simple password for your Facebook account, cybercriminals can brute-force it and hijack your account. The longer and more complex your password, the less likely they are to succeed. Use a strong password that:

• Is at least 8 characters long;
• Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
• Is not an actual word or easy-to-guess phrase;
• Is not the same as your passwords for any other accounts;
• Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).

To change your password:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and Privacy;
3. Click Settings;
4. Select Security and Login in the menu on the left;
5. Click Edit to the right of Change password;
6. Enter your current Facebook password;
7. Enter a new strong password twice;
8. Click Save Changes.

What for: So you definitely don’t get hacked.

Facebook can be configured to request a one-time code when you log in to your account. That way, even if cybercriminals learn your username and password, they will not be able to use them. The code is sent by SMS to your specified phone number or generated by an app (for example, Google Authenticator).

To enable two-factor authentication:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and privacy;
3. Click Settings;
4. Select Security and Login in the menu on the left;
5. Click Edit to the right of Use two-factor authentication;
6. If you see a warning about being redirected to another page, confirm this action;
7. Enter the current password for your Facebook account;
8. Сhoose a method for receiving the one-time code:
9. By Text Message (SMS) to the phone number linked to your Facebook account or another number (for example, a SIM card on another device):
10. Click Continue. If a phone number is not linked to your Facebook account, you will have to enter it and click Continue;
11. In the window that opens, enter the code that Facebook sends to the phone number associated with the account and click Continue;
12. A code generated by another app, such as Google Authenticator:
13. To activate two-factor authentication using the app, start it and follow the on-screen instructions.

Remember that a text message with the code can be intercepted by malware, which is why using a two-factor authentication app is a safer option. Facebook can also use the phone number you linked to your profile for targeted advertising.

With two-factor authentication, you can log in to your account even if you lose your phone. For that, you need the recovery codes:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and privacy;
3. Click Settings;
4. Select Security and Login in the menu on the left;
5. Click Edit next to Use two-factor authentication;
6. Some browsers may warn you about being redirected to another page. Confirm this action;
7. Enter the current password for your Facebook account;
8. Click Setup next to Recovery Codes;
9. Click Get Codes.

Each of the ten codes can be used only once. Write them down or take a screenshot of them, and keep the information in a safe place.

What for: To remove irrelevant comments.

By default, all Facebook users can leave comments under your posts, an ability that spammers and trolls often abuse.

To make sure that only your friends can comment on your posts:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and privacy;
3. Click Settings;
4. Select Public Posts in the menu on the left;
5. Click Edit next to Public Post Comments;
6. Select Friends in the drop-down list.

You can block comments containing certain words or hashtags from appearing on your timeline. In this way you can hide offensive comments or other unwanted content.

To configure the filter:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and privacy;
3. Click Settings;
4. Select Profile and Tagging in the menu on the left;
5. Click Edit next to Hide comments containing certain words from your profile;
6. Specify words or phrases you want to exclude from comments on your timeline and click +. You can use emoji and type several words or phrases, separating them with commas;
7. Click Save.

Note: Comment authors and their friends will still see the words on your stop list.

What for: To avoid unpleasant people.

If you want to stop a specific user from commenting on your posts, you can block that user. Blocked users will not be able to view your profile, leave comments under your posts, or send you private messages. In this case, the user will not know that you blocked them.

To block a user:

1. Open the profile of the user.
2. Click the button with three dots in the lower right corner of the profile cover photo;
3. Select Block in the drop-down menu;
4. Click Confirm.

What for: So your posts will be seen only by those for whom they are intended.

You can choose who will see your Facebook posts. By default, they are visible to all of your friends. That can be inconvenient if you would prefer not to share your private life with some of them.

You may already have changed this setting and made your posts publicly available. Remember that information from your posts can be used against you. For example, information about your personal life can help telephone fraudsters to make up a convincing story in order to steal money from your bank accounts.

You can choose the following access settings for your posts:

• Public — posts are visible to all Facebook users and visitors to your page who are not registered on the social network;
• Friends — posts are visible only to users on your friend list;
• Friends except… — posts are visible to all users on your friend list except those you have chosen to exclude;
• Specific friends — you can configure a list of friends who will see your posts;
• Only me — posts are visible to no one but you;
• Custom — posts are visible to a custom list of Facebook users that may include both friends and users who do not follow you.

To configure the default visibility of your posts:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and privacy;
3. Click Settings;
4. Select Privacy in the menu on the left;
5. Click Edit next to Who can see your future posts?;
6. In the drop-down menu, specify the group of users who will see your posts by default. To view all menu items, click See All.

Remember that you can still override the general settings and change the visibility of each post when publishing it or later.

A. To restrict the visibility of your post when you create it:

1. Open the drop-down menu under your name at the top of the page;
2. Specify the group of users who will see your post. To view all menu items, click See All.

B. To configure the visibility of an existing post:

1. Click the button with three dots to the right of the post title;
2. Select Edit audience;
3. Specify the group of users who will see your post. To view all menu items, click See All.
4. Click Save.

You can also restrict the visibility of all existing posts by making them visible to friends only:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and privacy;
3. Click Settings;
4. Select Privacy in the menu on the left;
5. Click Limit Past Posts on the right under Your Activity;
6. Click Limit Past Posts;
7. In the window that opens, click Limit Past Posts.

Note that people you mention or tag in a post will see it even if you set the Only me option.

What for: So your stories are visible only to those for whom they are intended.

Other Facebook users can see your stories and share them with their friends, so your personal information might become available to outsiders, and details from stories could be exploited.

You can set the following levels of story visibility:

• Public — any Facebook or Messenger user can view your stories;
• Friends — only your Facebook friends can view your stories;
• Custom — stories are visible to a custom list of Facebook users that may include both friends and users who do not follow you.

To limit access to stories:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and privacy;
3. Click Settings;
4. Select Stories in the menu on the left;
5. Click Edit next to Allow others to share your public stories to their own story? and select Don’t allow in the drop-down list;
6. Click Edit next to Allow people to share your stories if you mention them? and select Don’t allow in the drop-down list.

To limit the visibility of your story when you create it:

1. Open the drop-down menu next to Your Story;
2. Specify the group of users who will see your story.

What for: To protect yourself from spammers and other shady people.

Cybercriminals can use information from your profile to do all kinds of unpleasant things. For example, they can bombard your phone with spam calls or text messages. Also, contacts from your social network profile in combination with certain publicly available information about your life can be a treasure trove for bad actors who can try to defraud you financially. Detailed information about your job or interests helps them contrive persuasive stories.

By default, your phone number is visible to all of your friends. Friends of your friends can see your date of birth. Meanwhile, information about your city, place of study, and work is public.

To hide this information:

1. Click the button with your name at the top of the screen to view your profile;
2. Select About in the menu under the profile cover photo;
3. Edit the visibility of your personal details by clicking symbols near three dots and selecting Only me. Use the menu on the left to navigate sections with your information.

After configuration, you can see how your profile looks to other users:

1. Open your profile;
2. Click the three-dots icon to the right of the Edit Profile button;
3. Select View as.

Downside: Your friends may have trouble locating your Facebook profile or contacting you by phone.

What for: To avoid distractions.

By default, Facebook shows you notifications about all social network activities, including game and app alerts and information about nearby hangouts. If some notifications distract you, disable or mute them.

To manage the notifications:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and privacy;
3. Click Settings;
4. Select Notifications in the menu on the left;
5. In the What Notifications You Receive section, select the listed notifications that you do not wish to receive and turn off the Allow Notifications on Facebook feature:
6. Some types of notifications don’t have a single switch; turn off Push, Email, and SMS switches separately;
7. To mute notifications, select Browser in the How You Get Notifications section;
8. Turn off the Play a sound when each new notification is received toggle switch or the Play a sound when a message is received toggle switch.

What for: To view what data Facebook has on you, remove the data you don’t need, and back up the data you want.

You can view and download all of the information Facebook stores about you. Information about posts, comments, likes, and other actions is kept in the activity log.

To view and download the log:

1. Click the down arrow in the upper right part of the screen;
2. Open Settings and privacy;
3. Click Settings;
4. Select Your Facebook Information in the menu on the left;
5. Click View next to Access Your Information. Information about your Facebook activity is grouped in such sections as Your Activity Across Facebook, Friends and followers, etc. You may choose to edit privacy settings or delete any post, photo, comment, or other data;
6. To download an archive with your Facebook data, click Download Your Information;
7. You may choose specific data types and set a date range, format or media quality (using the options at the top of the screen) and click Create File.

The only option Facebook offers to delete the information it harvested is to delete the relevant account.

However, if you are a citizen of the European Union, you can demand that Facebook remove your data pursuant to Article 17 of the General Data Protection Regulation (GDPR). The company is obligated to take steps to remove that information even if the data has been transferred to third parties and is stored by them. Within a month, the social network will send you a progress report or the reason your request has been denied (the list of possible reasons appears in Part 3 of Article 17 of the GDPR).