Instagram privacy settings on Android: Medium level

What for: So you don’t get hacked.

If you are using a short and simple password for your Instagram account, cybercriminals can guess it and hijack your account. A long and complex password is more secure. Use a strong password that:

• Is at least 8 characters long;
• Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
• Is not an actual word or easy-to-guess phrase;
• Is not the same as your passwords for any other accounts;
• Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).

To change your password:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Select Settings;
3. Go to the Security section;
4. Select Password;
5. If the system sends you a message to the e-mail address linked to the account, open it, tap the button, and set a new password;
6. If the form for changing the password opens, enter the old password and then enter the new password twice;
7. Tap the confirmation icon in the upper right corner of the screen.

What for: So you definitely don’t get hacked.

Instagram can prompt you to enter an additional one-time code when you log into the account. Even if cybercriminals find out your login and password, they will not be able to use them without this code. The code can be received via a text message or using an authentication app.

Keep in mind that Instagram can use the phone number you specified for one-time codes for its own purposes, for example to show you targeted ads.

To enable two-factor authentication:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Security section;
4. Select Two-Factor Authentication;
5. Tap Get Started and choose a method for receiving the one-time code:
6. Text message to phone:
7. Instagram will send a code to the phone number linked to the account. Enter it in the window that opens and tap Next.
8. A code generated by another app, such as Google Authenticator.
9. Start the app you have chosen for two-factor authentication and follow the on-screen instructions.

It is considered that safer to use an authentication app for two-factor authentication. A text message with the code can be intercepted by infecting the smartphone with malware or by exploiting a communication protocol vulnerability.

What for: To detect and stop any suspicious activity before it’s too late.

You can view information about all of your account activity and take steps when you detect suspicious activity.

To view the login history and other data of your account:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Security section;
4. Select Access Data;
5. View information about your account activity. Pay close attention to the Account Activity section that contains a history of logins into your account.

What for: To prevent the loss of one account from causing the loss of all other accounts.

Instagram lets you link your account to profiles on other platforms. This lets you automatically share your posts on other social networks. If cybercriminals hack your Instagram account, they will be able to publish posts on your behalf on related networks. Meanwhile, if cybercriminals find out the login and password for your Facebook account, they will be able to hijack your Instagram account.

To disable account syncing:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Account section;
4. Select Sharing to other apps;
5. Tap the names of social network that have a blue check mark next to them one at a time, and in the window that opens tap Unlink.

Downside: After disabling account syncing you will no longer be able to automatically post on several social networks at once. You will also no longer be able to restore access to Instagram using your Facebook profile.

What for: So Instagram does not know more than it needs to.

Instagram requests the contact list of your phone to help you locate the people you know on the social network. The service also collects information about your contacts to generate targeted ads and form the news feed. Since such data is passed on to others, including third parties, there is an increased risk of data leaks.

To stop Instagram from using your contact list:

1. Open Settings on your device;
2. Go to the Apps & notifications section;
3. Tap See all apps and select Instagram in the list;
4. Select Permissions;
5. Tap Contacts;

Downside: Without access to the contact list, Instagram will no longer be able to advise you to follow the accounts of your friends in your contact list.

If such apps as Facebook, Messenger or WhatsApp, which are owned by Facebook, have access to the contact list, this information can still be used by the social network.

Keep in mind that you have to disable access to contacts on all your devices with contact lists.

You can check which contacts are already uploaded to your accounts and remove any unwanted information here:

• Facebook https://www.facebook.com/mobile/facebook/contacts/?tab=contacts
• Messenger https://www.facebook.com/mobile/messenger/contacts/
• Instagram https://www.instagram.com/accounts/contact_history/

What for: So Facebook does not know where you go.

Instagram tracks your location in order to suggest geotags for your posts, generate targeted ads, and suggest hangouts. Transmission of such data compromises your privacy, increases traffic usage and drains the battery. You can stop Instagram from accessing GPS data of the device.

To stop Instagram from tracking your location:

1. Open Settings on your device;
2. Go to the Apps & notifications section;
3. Tap See all apps and select Instagram in the list;
4. Tap Permissions;
5. Select Location;
6. Select Deny.

What for: To remove irrelevant comments.

By default, all Instagram users can leave comments under your posts, which is a feature that is often abused by spammers and trolls.

To limit comments on all future posts:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Comments;
5. Open the Allow Comments From menu and select who can comment on your posts:
6. Everyone
7. People You Follow and Your Followers
8. People You Follow
9. Your Followers
10. You can also stop specific users from commenting on your posts. Open the Block Comments From menu and select users you don’t wish to receive comments from.

If you have a private account, only approved followers can comment on your posts.

You can also stop users from commenting on existing posts or specific new posts:

1. When creating a new post, tap Advanced Settings;
2. Enable the Turn Off Commenting option.

To disable comments under a post that has been already published:

1. Go to your profile;
2. Open the relevant post;
3. Tap the three dots icon next to your name;
4. Select Turn Off Commenting.

What for: So as not to waste time and brain cells on cleaning up comments.

By default, Instagram blocks potentially offensive comments using a built-in filter. However, you can add a custom list of forbidden words, phrases, numbers, or smiley faces:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Comments;
5. Turn on the following options:
6. Hide Offensive Comments — to enable the built-in Instagram filter.
7. Manual Filter — to add a custom list of forbidden words and symbols to the filter.
8. Filter Most Reported Words (this item appears after you activate Manual Filter) — to add to your filter the words and symbols that are blocked most often by other users.

What for: To control what appears on your profile.

Instagram users can tag you in photos and videos in their posts. By default, such posts automatically appear on your profile and become visible to all users. Disable this feature if you want to decide what posts to show to you followers.

To stop automatic publication of such posts on your profile and hide posts that have been published already:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Posts;
5. Enable the Manually Approve Tags option;
6. Select the posts that you want to hide from your profile and tap Hide.

What for: So that only your close friends have access to your stories.

By default, your stories are visible to all followers. However, you can stop specific users from viewing them. This can be helpful if you use stories to post personal photos and videos that you do not wish to share with everybody.

To configure the visibility of stories:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Story;
5. Tap the number of people next to Hide Story From;
6. In the window that opens, select the followers from whom you want to hide your stories;
7. Tap the check mark in the upper right corner of the screen.

You can also show your stories only to a limited number of followers added to the list of close friends.

To create or edit this list:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Close Friends;
5. Tap the Add button next to the followers you want.

To make a story visible only to close friends, while publishing the story tap the green icon with a star at the bottom of the screen.

What for: To keep your posts from being shared beyond the intended audience.

By default, other Instagram users can add your posts to their stories and IGTV videos as well as publish materials from your stories in their Instagram and Facebook posts. To stop others from using your posts:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Story;
5. Disable the following options in the Sharing section:
6. Allow Resharing to Stories — to stop other users from adding your posts to their stories.
7. Allow Sharing — to stop other users from sharing your stories as messages.
8. Share Your Story to Facebook — to stop automatic reposting of your story to Facebook.

What for: To prevent cybercriminals from getting hold of your personal information.

By default, your posts are visible to all Instagram users. Search engines can also include your posts in search results. If your profile is public, information in posts can be used against you. For example, information about your personal life can help telephone fraudsters to make up a convincing story in order to steal money from your bank accounts.

You can make your account private to make your posts visible only to approved followers.

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Account Privacy;
5. Enable the Private Account option.

Existing followers will still be able to see your posts. You can remove those followers with whom you do not want to share your posts:

1. Go to your profile and tap the number of followers at the top of the screen;
2. Find the user whom you want to remove, tap Remove next to their name, and confirm your choice.

The user will not be notified that you have removed them from the list of followers.

Keep in mind that when you share a post from a private Instagram account on a different social network, post visibility will depend on settings of this social network and not Instagram.

What for: Not to lose money.

Instagram users can spend money directly on the social network: for example, to buy ads. To this end, Instagram requests and stores details of a bank card or PayPal account. However, if your account gets compromised by a leak or gets hacked, your financial info can end up in the hands of cybercriminals.

To remove stored bank card and e-wallet data:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Payments section. If you do not see this section, this means that you do not have any cards or accounts linked to your account;
4. Select Payment Methods;
5. Tap a card or PayPal account in the list and tap Remove.

Downside: After removing cards and accounts you will not be able to order ads or make purchases on Instagram. However, you can still buy goods on pages of stores if payment is processed on the merchant’s website.