Instagram privacy settings on Mac: Medium level

What for: So you don’t get hacked.

If you are using a short and simple password for your Instagram account, cybercriminals can guess it and hijack your account. A long and complex password is more secure. Use a strong password that:

• Is at least 8 characters long;
• Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
• Is not an actual word or easy-to-guess phrase;
• Is not the same as your passwords for any other accounts;
• Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).

To change your password:

1. Go to your profile by clicking the human figure icon in the upper right corner of the screen;
2. Click Edit Profile;
3. Select the Change Password tab.
4. Enter your current password and set a new one.
5. Click Change password.

What for: So you definitely don’t get hacked.

Instagram can prompt you to enter an additional one-time code when you log into the account. Even if cybercriminals find out your login and password, they will not be able to use them without this code. The code can be received via a text message or using an authentication app.

Keep in mind that Instagram can use the phone number you specified for one-time codes for its own purposes, for example to show you targeted ads.

To enable two-factor authentication based on your phone number:

1. Go to your profile by clicking the human figure icon in the upper right corner of the screen;
2. Click Edit Profile;
3. Select the Privacy and Security tab;
4. In the Two-Factor Authentication section, click Edit Two-Factor Authentication Setting;
5. Select Use Text Message to receive the verification code by text message;
6. Select Turn On in the dialog that opens;
7. Check the phone number used to receive the text message, edit it and click Next, if appropriate;
8. Enter the confirmation code you receive by text message and click Ready.
9. Instagram opens a page with five backup recovery codes. You need them to access your account even if you lose your phone. Every code can be used only once. Write them down or take a screenshot of them, and keep this information in a safe place.

It is considered that safer to use an authentication app for two-factor authentication. A text message with the code can be intercepted by infecting the smartphone with malware or by exploiting a communication protocol vulnerability.

The Web version of the service currently does not allow enabling two-factor authentication using a 2FA app. To do so, open the settings of the Instagram app for iOS or Android.

What for: To detect and stop any suspicious activity before it’s too late.

You can view information about all of your account activity and take steps when you detect suspicious activity.

To view the login history and other data of your account:

1. Go to your profile by clicking the human figure icon in the upper right corner of the screen;
2. Click Edit Profile;
3. Select the Privacy and Security tab;
4. Click View Account Data in the Account Data section;
5. View information about your account activity. Pay close attention to the Account Activity section that contains a history of logins into your account.

You can also unlink Instagram from other social network accounts so you don’t lose other accounts when one of them gets hacked. This cannot be done in the Web version; follow instructions to configure the iOS or Android app.

What for: So Instagram does not know more than it needs to.

If you enabled contact syncing in Instagram for iOS or Android, the social network uses your contacts to create targeted ads or to suggest accounts of people you know to follow. Such data is passed on to others, including third parties, leading to an increased risk of data leaks.

To remove contact information:

1. Go to your profile by clicking the human figure icon in the upper right corner of the screen;
2. Click Edit Profile;
3. Select the Manage Contacts tab;
4. Click Delete All.

Note that without access to the contact list, Instagram will no longer be able to recommend the accounts of your friends whose numbers are in your smartphone contact list. Previously collected contact information is stored even after access has been disabled.

By default, Instagram blocks potentially offensive comments under your posts using a built-in filter. You can also hide comments based on your custom list of forbidden words and expressions.

To configure blocking of offensive comments:

1. Go to your profile by clicking the human figure icon in the upper right corner of the screen;
2. Click Edit Profile;
3. Select the Privacy and Security tab;
4. Click Edit Comment Settings in the Comments section;
5. Add words and expressions comments with which you want to hide in the Keyword Filters field and click Submit to configure your custom filter;
6. Select the check mark next to Use Standard Keywords to enable the built-in filter of offensive words and expressions.

You can also choose who can comment on your posts. This cannot be done in the Web version; follow instructions to configure the iOS or Android app.

What for: To control what appears on your profile.

Instagram users can tag you in photos and videos in their posts. By default, such posts automatically appear on your profile and become visible to all users. Disable this feature if you want to decide what posts to show to you followers.

To stop automatic publication of such posts on your profile and hide posts that have been published already:

1. Go to your profile by clicking the human figure icon in the upper right corner of the screen;
2. Click Edit Profile;
3. Select the Privacy and Security tab;
4. Select the Add Manually check mark in the Photos of You section.

What for: To keep your stories from being shared beyond the intended audience.

By default, other Instagram users can share your stores by direct messages and on Facebook. You can stop others from using your posts:

1. Go to your profile by clicking the human figure icon in the upper right corner of the screen;
2. Click Edit Profile;
3. Select the Privacy and Security tab;
4. Clear the Allow Sharing check mark in the Story Sharing section.

You can also stop other users from sharing your posts in their stories. This cannot be done in the Web version; follow instructions to configure the iOS or Android app.

What for: So that only your close friends have access to your stories.

You can limit the visibility of your stories. This cannot be done in the Web version; follow instructions to configure the iOS or Android app.

What for: To prevent cybercriminals from getting hold of your personal information.

By default, your posts are visible to all Instagram users. Search engines can also include your posts in search results. If your profile is public, information in posts can be used against you. For example, information about your personal life can help telephone fraudsters to make up a convincing story in order to steal money from your bank accounts.

You can make your account private to make your posts visible only to approved followers.

1. Go to your profile by clicking the human figure icon in the upper right corner of the screen;
2. Click Edit Profile;
3. Select the Privacy and Security tab;
4. Select the Private Account check mark in the Account Privacy section.

Existing followers will still be able to see your posts. You can remove those followers with whom you do not want to share your posts:

1. Open the profile of the user you want to remove;
2. Click the three-dot icon to the right of the account name;
3. In the window that opens, select Block This User;
4. Click Block.

The user will not be notified that you have removed him from the list of followers.

Keep in mind that when you share a post or story from a private Instagram account on a different social network, such as Facebook, post visibility will depend on settings of your Facebook account.

What for: Not to lose money.

You can remove information about payment methods from your Instagram account. This cannot be done in the Web version; follow instructions to configure the iOS or Android app.