Instagram privacy settings on iPhone: Medium level

What for: So you don’t get hacked.

If you are using a short and simple password for your Instagram account, cybercriminals can guess it and hijack your account. A long and complex password is more secure. Use a strong password that:

• Is at least 8 characters long;
• Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
• Is not an actual word or easy-to-guess phrase;
• Is not the same as your passwords for any other accounts;
• Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).

To change your password:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Security section;
4. Select Password;
5. If the system sends you a message to the e-mail address linked to the account, open it, tap the button, and set a new password;
6. If the form for changing the password opens, enter the old password and then enter the new password twice;
7. Tap Save.

What for: So you definitely don’t get hacked.

Instagram can prompt you to enter an additional one-time code when you log into the account. Even if cybercriminals find out your login and password, they will not be able to use them without this code. The code can be received via a text message or using an authentication app.

Keep in mind that Instagram can use the phone number you specified for one-time codes for its own purposes, for example to show you targeted ads.

To enable two-factor authentication:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Security section;
4. Select Two-Factor Authentication;
5. Click Get Started and choose a method for receiving the one-time code:
6. Text message to phone:
7. Tap Next;
8. You will see a list of recovery codes. Copy it and tap Done.
9. A code generated by another app, such as Google Authenticator.
10.  Start the app you have chosen for two-factor authentication and follow the on-screen instructions.

It is considered that safer to use an authentication app for two-factor authentication. A text message with the code can be intercepted by infecting the smartphone with malware or by exploiting a communication protocol vulnerability.

What for: To detect and stop any suspicious activity before it’s too late.

You can view information about all of your account activity and take steps when you detect suspicious activity.

To view the login history and other data of your account:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Security section;
4. Select Access Data;
5. View information about your account activity. Pay close attention to the Account Activity section that contains a history of logins into your account.

What for: To prevent the loss of one account from causing the loss of all other accounts.

Instagram lets you link your account to profiles on other platforms. This lets you automatically share your posts on other social networks. If cybercriminals hack your Instagram account, they will be able to publish posts on your behalf on related networks. Meanwhile, if cybercriminals find out the login and password for your Facebook account, they will be able to hijack your Instagram account.

To disable account syncing:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Account section;
4. Select Sharing to other apps;
5. Tap the social network name highlighted in color and select Unlink Account in the window that opens.

Downside: After disabling account syncing you will no longer be able to automatically post on several social networks at once. You will also no longer be able to restore access to Instagram using your Facebook profile.

What for: So Instagram does not know more than it needs to.

Instagram requests the contact list of your phone to help you locate the people you know on the social network. The service also collects information about your contacts to generate targeted ads and form the news feed. Since such data is passed on to others, including third parties, there is an increased risk of data leaks.

To stop Instagram from using your contact list:

1. Open Settings on your device;
2. Scroll down to the list of apps;
3. Select Instagram;
4. Turn off the toggle switch next to Contacts;

Downside: Without access to the contact list, Instagram will no longer be able to advise you to follow the accounts of your friends in your contact list.

If such apps as Facebook, Messenger or WhatsApp, which are owned by Facebook, have access to the contact list, this information can still be used by the social network.

Keep in mind that you have to disable access to contacts on all your devices with contact lists.

You can check which contacts are already uploaded to your accounts and remove any unwanted information here:

• Facebook https://www.facebook.com/mobile/facebook/contacts/?tab=contacts
• Messenger https://www.facebook.com/mobile/messenger/contacts/
• Instagram https://www.instagram.com/accounts/contact_history/

What for: So Facebook does not know where you go.

Instagram tracks your location in order to suggest geotags for your posts, generate targeted ads, and suggest hangouts. Transmission of such data compromises your privacy, increases traffic usage and drains the battery. You can stop Instagram from accessing GPS data of the device.

To stop Instagram from tracking your location:

1. Open Settings on your device;
2. Go to the Privacy section;
3. Open Location Services;
4. Find Instagram in the list of apps;
5. Select Never.

What for: To remove irrelevant comments.

By default, all Instagram users can leave comments under your posts, which is a feature that is often abused by spammers and trolls.

To limit comments on all future posts:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Comments;
5. Tap Allow Comments From and select who can comment on your posts;
6. Everyone
7. People You Follow and Your Followers
8. People You Follow
9. Your Followers
10. You can also stop specific users from commenting on your posts. Tap Block Comments From and select users you don’t wish to receive comments from.

If you have a private account, only approved followers can comment on your posts.

You can also stop users from commenting on existing posts or specific new posts:

1. When creating a new post, tap Advanced Settings;
2. Turn on the Turn Off Commenting toggle switch.

To disable comments under a post that has been already published:

1. Go to your profile;
2. Open the relevant post;
3. Tap the three dots icon next to your name;
4. Select Turn Off Commenting.

What for: So as not to waste time and brain cells on cleaning up comments.

By default, Instagram blocks potentially offensive comments using a built-in filter. However, you can add a custom list of forbidden words, phrases, numbers, or smiley faces:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Comments;
5. Turn on the toggle switch next to:
6. Hide Offensive Comments — to enable the built-in Instagram filter.
7. Manual Filter — to add a custom list of forbidden words, phrases, numbers, or smiley faces to the filter.
8. Filter Most Reported Words (this item appears after you activate Manual Filter) — to add to your filter the words, phrases, numbers, and emojis that are blocked most often by other users.

What for: To control what appears on your profile.

Instagram users can tag you in photos and videos in their posts. By default, such posts automatically appear on your profile and become visible to all users. Disable this feature if you want to decide what posts to show to you followers.

To stop automatic publication of such posts on your profile and hide posts that have been published already:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Tags;
5. Turn off the Add Automatically toggle switch;
6. Tap Hide Photos and Videos of You and select the posts that you want to hide from your profile.

What for: So that only your close friends have access to your stories.

By default, your stories are visible to all followers. However, you can stop specific users from viewing them. This can be helpful if you use stories to post personal photos and videos that you do not wish to share with everybody.

To configure the visibility of stories:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section and select Story;
4. Tap the number of people to the right of Hide Story From;
5. In the window that opens, select the followers from whom you want to hide your stories;
6. Tap Done.

You can also show your stories only to a limited number of followers added to the list of close friends.

To create or edit this list:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Tap Close Friends;
5. Tap Add next to the names of followers whom you want to add to the list;
6. On the Your List tab, you can remove followers from the list of Close Friends.

To make a story visible only to close friends, while publishing the story tap the green icon with a star at the bottom of the screen.

What for: To keep your posts from being shared beyond the intended audience.

By default, other Instagram users can add your posts to their stories and IGTV videos as well as publish materials from your stories in their Instagram and Facebook posts. To stop others from using your posts:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Story;
5. Disable the following options in the Sharing section:
6. Allow Resharing to Story — to stop other users from adding your posts to their stories. You will not see this item if you have a private account.
7. Allow Sharing as Message — to stop other users from sharing your stories as messages.
8. Share Your Story to Facebook — to stop automatic reposting of your story to Facebook.

What for: To prevent cybercriminals from getting hold of your personal information.

By default, your posts are visible to all Instagram users. Search engines can also include your posts in search results. If your profile is public, information in posts can be used against you. For example, information about your personal life can help telephone fraudsters to make up a convincing story in order to steal money from your bank accounts.

You can make your account private to make your posts visible only to approved followers.

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Privacy section;
4. Select Account Privacy;
5. Turn on the Private Account toggle switch.

Existing followers will still be able to see your posts. You can remove those followers with whom you do not want to share your posts:

1. Go to your profile and tap the number of followers at the top of the screen;
2. Find the user you want to remove and tap three dots next to the Follow or Following button;
3. Tap Remove in the window that opens.

The user will not be notified that you have removed them from the list of followers.

Keep in mind that when you share a post from a private Instagram account on a different social network, post visibility will depend on settings of this social network and not Instagram.

What for: Not to lose money.

Instagram users can order ads on the social network, donate money to charity, or buy goods. To this end, Instagram requests and stores details of a bank card or PayPal account as a method of payment. However, if your account gets compromised by a leak or gets hacked, your financial info can end up in the hands of cybercriminals.

To remove stored bank card and e-wallet data:

1. Go to your profile and tap the menu icon in the upper right corner of the screen;
2. Open Settings;
3. Go to the Payments section. If you do not see this section, this means that you do not have any cards or accounts linked to your account;
4. Select Payment Methods;
5. Tap a card or PayPal account in the list and tap Remove.

Downside: After removing cards and accounts you will not be able to order ads or make purchases on Instagram. However, you can still buy goods on pages of stores if payment is processed on the merchant’s website.