Instagram privacy settings on iPhone: Medium level

Learn how to change your privacy settings on Instagram using iPhone. These steps adjust your privacy and security settings to Medium level protection.
Kaspersky Lab
13 minutes
Change settings
Privacy level
What are we setting up here?

How to keep your account from getting hacked

open all

Set a strong password

What for: So you don't get hacked.

If you are using a short and simple password for your Instagram account, cybercriminals can guess it and hijack your account. A long and complex password is more secure. Use a strong password that:

  • Is at least 8 and up to 20 characters long;
  • Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
  • Is not an actual word or easy-to-guess phrase;
  • Is not the same as your passwords for any other accounts;
  • Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).

To change your password:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Select Settings;
  3. Go to the Security section;
  4. Select Password;
  5. If the system sends you a message to the e-mail address linked to the account, open it, tap the button, and set a new password;
  6. If the form for changing the password opens, enter the old password and then enter the new password twice;
  7. Tap Save.

Enable two-factor authentication

What for: So you definitely don't get hacked.

Instagram can prompt you to enter an additional one-time code when you log in to the account. Even if cybercriminals find out your login and password, they will not be able to use them without this code. The code can be received via a text message or using an authentication app.

Keep in mind that Instagram can use the phone number you specified for one-time codes for its own purposes, for example to show you targeted ads.

To enable two-factor authentication:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to the Security section;
  4. Select Two-Factor Authentication;
  5. Tap Text Message and choose a method for receiving the one-time code by enabling one of the options:
  6. SMS — receive the code in a text message sent to your phone;
  7. Enter the code you received via SMS and double-tap Next;
  8. Authentication application — get a code generated by another application:
  9. Apple Passwords:
  10. Tap Next to open a list of your passwords saved on the device. If you didn't save your Instagram password, save it now and copy the verification code that your device will generate;
  11. Go back to the Instagram app and paste the password into the input field (if necessary, confirming the insertion in the window that opens);
  12. Double-tap Next;
  13. A third-party application (for example, Kaspersky Password Manager):
  14. Tap Another way to configure;
  15. Tap Copy Key in the center of the screen and enter it in the authentication application;
  16. Copy the generated six-digit code, go back to the Instagram app and tap Next;
  17. Insert the code (if necessary, confirm the action in the opened window); 
  18. You will be asked to save backup codes that you can use if you lose access to your phone or cannot use any of the additional verification methods. Copy or rewrite them to a secure location and tap Done.

Please note that attackers can intercept SMS with a password by infecting a smartphone with malware or taking advantage of a communication protocol vulnerability. Therefore it is safer to use the application for authentication.

After enabling two-factor authentication, you can specify an additional verification method:

  1. In the Two-factor authentication section, select Additional Methods;
  2. Enable the Login Requests option to receive notifications for approving new devices in the app;
  3. Select Backup Codes and save the suggested codes in a safe place if you have not done so before.

Check the security of your account

What for: To detect and stop any suspicious activity before it's too late.

You can view information about all of your account activity and take steps when you detect suspicious activity.

To view the login history and other data of your account:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to the Security section;
  4. Select Account Logins;
  5. Study the active sessions and, if you notice unfamiliar inputs, tap the three dots to the right of the session and then tap Exit.

Disable cross-service functions

What for: To prevent the loss of one account from causing the loss of all other accounts.

Instagram lets you link your account to profiles on other Meta platforms. This lets you automatically share your posts on other social networks. If cybercriminals hack your Instagram account, they will be able to publish posts on your behalf on related networks. Meanwhile, if cybercriminals find out the login and password for your Facebook account, they will be able to hijack your Instagram account.

To disable posting in several social networks at the same time:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to Account;
  4. Select Publish content to multiple profiles;
  5. Tap the connected Instagram profile and in the window that opens, disable the options Your story, Your posts , as well as Your Reels videos in the Instagram app (only for Instagram).

To disable logging in to accounts with data from other Meta accounts:

  1. Go back to the Meta Account Center and select Managing multiple account;
  2. Select the option Select accounts with which you can log in to other accounts;
  3. Select each account separately and uncheck the accounts of other services in the window that opens.

You can also delete an account from the Meta account center — this will not delete the accounts of individual services, but will just disconnect them from each other and will not allow you to use cross-service functions:

  1. Go back to the Meta Account Center and tap Accounts;
  2. Tap the Delete button next to any account;
  3. Then select Remove Account and tap Continue;
  4. Tap Remove Account .

Downside: Disabling cross-service functions and deleting a Meta account will prevent you from sharing posts simultaneously in several services. You will also no longer be able to restore access to Instagram using your Facebook profile.

How to keep corporations out of your business

open all

Stop Instagram from accessing your contacts

What for: So Instagram does not know more than it needs to.

Instagram requests the contact list of your phone to help you locate the people you know on the social network. The service also collects information about your contacts to generate targeted ads and form the news feed. Since such data is passed on to others, including third parties, there is an increased risk of data leaks.

If you previously gave the app access to your contacts, revoke the permission:

  1. Open Settings on your device;
  2. Scroll down to the list of applications;
  3. Select Instagram;
  4. Disable Contacts.

Downside: Without access to the contact list, Instagram will no longer be able to advise you to follow the accounts of your friends in your contact list.

If such apps as Facebook, Messenger or WhatsApp, which are owned by Facebook, have access to the contact list, this information can still be used by the social network.

Keep in mind that you have to disable access to contacts on all your devices with contact lists.

You can check which contacts are already uploaded to your accounts and remove any unwanted information here:

Limit access to location data

What for: So Facebook does not know where you go.

Instagram tracks your location in order to suggest geotags for your posts, generate targeted ads, and suggest hangouts. Transmission of such data compromises your privacy, increases traffic usage and drains the battery. You can stop Instagram from accessing GPS data of the device.

To stop Instagram from tracking your location:

  1. Open Settings on your device;
  2. Go to the Privacy section;
  3. Open Location Services;
  4. Find Instagram in the list of apps;
  5. Select Never.

Downside: You won't be able to add location to your posts.

How to defeat spammers and trolls

open all

Limit the ability to comment on your posts

What for: To remove irrelevant comments.

By default, all Instagram users can leave comments under your posts, which is a feature that is often abused by spammers and trolls.

  1. To limit comments on all future posts:
  2. Go to your profile and tap the menu icon in the upper right corner of the screen;
  3. Open Settings;
  4. Go to the Privacy section;
  5. Select Comments;
  6. Tap Allow Comments From and select who can comment on your posts:
  7. Your Followers;
  8. People You Follow;
  9. Your Followers and People You Follow.

You can also stop specific users from commenting on your posts:

  1. In the Comments section, tap Block Comments From;
  2. Enter the user's name and tap Block to the right of their profile.

If you have a private account, only approved followers can comment on your posts.

You can also stop users from commenting on existing posts or specific new posts:

  1. When creating a new entry after selecting the filter, tap Advanced Settings;
  2. Enable the Turn Off Commenting option.

To disable comments under a post that has been already published:

  1. Go to your profile;
  2. Open the relevant post;
  3. Tap the three dots icon next to your name;
  4. Enable the Turn Off Commenting option.

Hide offensive and unpleasant comments and messages

What for: To save you a lot of trouble.

By default, Instagram blocks potentially offensive comments using a built-in filter. You can also enable additional filters and add your own list of banned words, phrases, numbers, and emojis.

To hide offensive comments and messages:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to the Privacy section;
  4. Select Hidden Words (if an additional screen appears, tap Continue);
  5. Turn on the following options:
  6. Hide Comments in the Harmful and Offensive Comments and Messages section — to enable the built-in Instagram filter (the feature is enabled by default);
  7. Advanced Comment Filtering — for even more thorough filtering of comments under your posts;
  8. Hide Comments in the section Certain words in messages and comments — to add your own banned words, phrases, numbers and emojis to the filter:
  9. Tap Manage lists of words and phrases;
  10. In the input field, enter the comma-separated words, emojis and numbers that you don't want to see in the comments under your posts, and tap Add on the right;
  11. To hide message requests containing offensive words, phrases and emojis, go back to the Hidden Words section and enable the two options Hide Message Requests in the Message request that may be harmful sections and Certain Words in Messages and Comments;
  12. Finally, to hide unpleasant and offensive hashtags and captions, scroll down the page and enable the Hide Posts option;
  13. Then select Manage lists of words and phrases;
  14. In the field, enter the words, phrases, emojis and numbers that you do not wish to see in other people's posts and tap Done.

Block unwanted users

What for: To avoid unpleasant people.

If you want to stop communicating with a specific user, you can block them. As soon as an unwanted person is blocked, you will automatically unsubscribe from each other (if you were subscribed), and all their likes and comments on your content will disappear.

To block a user:

  1. Go to this user's page;
  2. Tap the three dots in the upper right corner of the screen;
  3. Tap Block;
  4. Tap Block or Block and Report and confirm your decision;
  5. If you have chosen the second option, follow the on-screen instructions to indicate the reason for filing the report.

Blocked users will not be able to view your profile, comment your content, or send you private messages. In this case, the user will not know that you blocked them.

Disable message requests from strangers

What for: To avoid spammers.

When someone sends you a private message for the first time, you first receive a message request from them, which is displayed in the corresponding tab of the personal messages screen. To start messaging with this person, you need to accept the message request first. However, you will still see the content of these requests, which you may not like.

To stop receiving message requests from strangers:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to the Privacy section;
  4. Select Messages;
  5. Select Other Instagram Users and People on Facebook and enable  Don't receive requests;
  6. If you have a connected Facebook account, repeat these steps for the following items:
  7. Friends of Friends on Facebook;
  8. People who have your phone number.

Social network users can also add you to group chats (groups). This feature can be used by spammers. To stop receiving unwanted messages:

  1. In the Messages section, select Who can add you to groups;
  2. Select the Only people you follow on Instagram option.

Protect yourself from communicating with unpleasant followers

What for: So that your followers don't upset you.

Let's say one of your followers started bothering you in comments or private messages, but for some reason you don't want or can't block them permanently. In this case, you can restrict the ability of a particular user to interact with you and your account.

To protect yourself from prying or unpleasant followers:

  1. Navigate to the profile of the person with whom you would like to minimize interaction to a safe minimum;
  2. Tap the three dots in the upper right corner of the screen and select Restrict;
  3. Tap Close.

Now the comments of this person on your posts will be seen only by you and them, and for you they will be hidden until you decide that you want to read them. Your correspondence with this user will be hidden from the chat list, and the user will not know when you are online.

How to hide posts from unwanted people

open all

Configure visibility of stories

What for: So that only your close friends have access to your stories.

By default, your stories are visible to all followers. However, you can stop specific users from viewing them. This can be helpful if you use stories to post personal photos and videos that you do not wish to share with everybody.

To configure the visibility of stories:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to the Privacy section and select Story;
  4. Tap Hide Story From;
  5. In the window that opens, select the followers from whom you want to hide your stories;
  6. Tap Done.

You can also show your stories only to a limited number of followers added to the list of close friends.

To create or edit this list, in the Story section:

  1. Tap Close Friends;
  2. In the window that opens, select the followers you want to add to the list of close friends;
  3. Tap Done.

To make a story visible only to close friends, while publishing the story tap the green icon with a star at the bottom of the screen.

Stop other people from using your posts and stories

What for: To keep your posts from being shared beyond the intended audience.

By default, Instagram users can add your posts to their stories, as well as share them and your stories in private messages with other users and add them to guides. To stop others from using your posts:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to the Privacy section;
  4. Select Story;
  5. Disable the following options in the Post section:
  6. Allow Sharing to Story — to stop other users from adding your posts to their stories. You will not see this item if you have a private account;
  7. Allow Sharing as Message — to stop other users from sharing your stories as messages;
  8. Share Your Story to Facebook — to stop automatic reposting of your story to Facebook;
  9. Return to the Privacy section;
  10. Select Guides;
  11. Disable the Allow others to use your posts option.

Your digital life mattersProtect it with the new Kaspersky

How to prevent your personal data from being exposed

open all

Make your account private

What for: To prevent cybercriminals from getting hold of your personal information.

By default, your posts are visible to all Instagram users. Search engines can also include your posts in search results. If your profile is public, information in posts can be used against you. For example, information about your personal life can help telephone fraudsters to make up a convincing story in order to steal money from your bank accounts.

You can make your account private to make your posts visible only to approved followers.

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to the Privacy section;
  4. Turn on the Private Account toggle switch;
  5. Tap Make Private.

Existing followers will still be able to see your posts. You can remove those followers with whom you do not want to share your posts:

  1. Go to your profile and tap the number of followers at the top of the screen;
  2. Find the person you want to delete and tap Remove to the right of the Follow tab;
  3. Tap Remove in the window that opens and confirm your selection.

The user will not be notified that you have removed him from the list of followers.

Keep in mind that when you share a post from a private Instagram account on a different social network, post visibility will depend on settings of this social network and not Instagram.

Use the disappearing messages mode

What for: So that your secrets are kept within your chats.

Sometimes we'd rather not show our messages to anyone else. If you share information with your interlocutor that is better off staying within the chat, use the disappearing messages mode so that all your messages are deleted immediately after the conversation closes — for you and for all the chat participants.

To enter the disappearing messages mode:

  1. On the main page of the application, tap the Direct button with the chat image in the upper right corner;
  2. Select the chat;
  3. Swipe up from the bottom of the screen. Chats with the disappearing messages mode enabled will be marked in the chat list with a dotted circle to the right of the user's name.

Remember that your interlocutors can take a screenshot of your messages and that disappearing messages can still be used to report users.

How to hide unwanted content

open all

Enable filtering of inappropriate content

What for: To see only what you like.

Instagram offers its users a ton of diverse content, but some posts can still be unpleasant, for example, they may contain scenes of violence or substance use. Such content is considered unacceptable by the platform by default, and you can reduce the amount of it in your feed.

To see as little inappropriate content as possible:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to the Account section;
  4. Select Sensitive content control;
  5. Select Less and confirm your action.

Now you will see less inappropriate content in search results, in the "Interesting" and Reels sections, as well as in your feed and on hashtag pages.

How to clean up your traces

open all

Remove stored bank card and e-wallet data

What for: Not to lose money.

Instagram users can order ads on the social network, donate money to charity, or buy goods. To this end, Instagram requests and stores details of a bank card or PayPal account as a method of payment. However, if your account gets compromised by a leak or gets hacked, your financial info can end up in the hands of cybercriminals.

To remove stored bank card and e-wallet data:

  1. Go to your profile and tap the menu icon in the upper right corner of the screen;
  2. Open Settings;
  3. Go to the Payments section. If you do not see this section, this means that you do not have any cards or accounts linked to your account;
  4. Select Payment Methods;
  5. Tap a card or PayPal account in the list and tap Remove.

Downside: After removing cards and accounts you will not be able to order ads or make purchases on Instagram. However, you can still buy goods on pages of stores if payment is processed on the merchant's website.

What would have happened if you had chosen another privacy level?

Also recommended

Main / Instagram privacy settings on iPhone: Medium level
Privacy level


Basic privacy settings, maximum convenience.


A golden mean respecting privacy matters but preserving convenience.


A choice of security over convenience; instructions contain a lot of details.

What are we setting up here?