Instagram privacy settings on Mac: Medium level

What for: So you don't get hacked.

If you are using a short and simple password for your Instagram account, cybercriminals can guess it and hijack your account. A long and complex password is more secure. Use a strong password that:

• Is at least 8 and up to 20 characters long;
• Contains lowercase and uppercase letters, numbers, and special characters ($, @, etc.);
• Is not an actual word or easy-to-guess phrase;
• Is not the same as your passwords for any other accounts;
• Does not consist of information that strangers could easily find out (your name, date of birth, pet's name, and so forth — or those of your friends or relatives).

To change your password:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Select the Change Password tab;
4. Enter your current password and print a new one twice;
5. Click Change password.

What for: So you definitely don't get hacked.

Instagram can prompt you to enter an additional one-time code when you log in to the account. Even if cybercriminals find out your login and password, they will not be able to use them without this code. The code can be received via a text message or using an authentication app.

Keep in mind that Instagram can use the phone number you specified for one-time codes for its own purposes, for example to show you targeted ads.

To enable two-factor authentication based on your phone number:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Select the Privacy and Security tab;
4. In the Two-Factor Authentication section, click Edit Two-Factor Authentication Setting;
5. Select Use Text Message to receive the verification code by text message;
6. Select Turn On in the dialog that opens;
7. Check the phone number used to receive the text message, edit it and click Next, if appropriate;
8. Enter the confirmation code you receive by text message and click Ready.

In order not to lose your account in case you lose your phone number, save the backup codes:

1. On the same page, click Get Backup Codes;
2. Instagram opens a page with five backup recovery codes. Every code can be used only once. Write them down or take a screenshot of them, and keep this information in a safe place.

It is considered that safer to use an authentication app for two-factor authentication. A text message with the code can be intercepted by infecting the smartphone with malware or by exploiting a communication protocol vulnerability.

The Web version of the service currently does not allow enabling two-factor authentication using a 2FA app. To do so, open the settings of the Instagram app for iOS or Android.

What for: To detect and stop any suspicious activity before it's too late.

You can view information about all of your account activity and take steps when you detect suspicious activity.

To view the login history and other data of your account:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Select the Login activity tab;
4. Study active sessions and, if any unfamiliar entries, select a session and click Log Out.

What for: To prevent the loss of one account from causing the loss of all other accounts.

Instagram lets you link your account to profiles on other Meta platforms. This lets you automatically share your posts on other social networks. If cybercriminals hack your Instagram account, they will be able to publish posts on your behalf on related networks. Meanwhile, if cybercriminals find out the login and password for your Facebook account, they will be able to hijack your Instagram account.

To disable posting in several social networks at the same time:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. In the lower left corner of the settings window, select the Account Center section;
4. Select Sharing across profiles;
5. Click the connected profile and in the window that opens, disable the options Your story and Your posts.

To disable logging in to accounts with data from other Meta accounts:

1. Go back to the Meta Account Center and select Logging in with accounts;
2. Select the option Select accounts with which you can log in to other accounts;
3. Select each account separately and uncheck the accounts of other services in the window that opens.

You can also delete an account from the Meta account center — this will not delete the accounts of individual services, but will just disconnect them from each other and will not allow you to use cross-service functions:

1. Click Accounts in the menu on the left;
2. Click the Remove button next to any account and click Continue;
3. Click Delete Account.

Downside: Disabling cross-service functions and deleting a Meta account will prevent you from sharing posts simultaneously in several services. You will also no longer be able to restore access to Instagram using your Facebook profile.

What for: So Instagram does not know more than it needs to.

If you enabled contact syncing in Instagram for iOS or Android, the social network uses your contacts to suggest you to follow accounts of people you know or to create targeted ads. Such data is passed on to others, including third parties, leading to an increased risk of data leaks.

To remove contact information:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Select the Manage Contacts tab;
4. Click Delete All.

Note that without access to the contact list, Instagram will no longer be able to recommend the accounts of your friends whose numbers are in your smartphone contact list. 

What for: To remove irrelevant comments.

By default, all Instagram users can leave comments under your posts, which is often abused by spammers and trolls.

To limit comments on all future posts:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Go to the Privacy and security section;
4. Click Edit Comment Settings in the Comments section;
5. Click Allow comments from... and mark those who can comment on your posts:
6. Your Followers;
7. People You Follow;
8. Your subscribers and followers.

If you have a private account, only approved followers can comment on your posts.

You can also stop users from commenting on existing posts or specific new posts:

1. When creating a new entry after selecting the filter, click Advanced Settings;
2. Enable the Turn Off Commenting option.

To disable comments under a post that has been already published:

1. Go to your profile;
2. Open the relevant post;
3. Click the three dots icon next to your name;
4. Enable the Turn Off Commenting option.

What for: To save you a lot of trouble.

By default, Instagram blocks potentially offensive comments using a built-in filter. You can also enable additional filters and add your own list of banned words, phrases, numbers, and emojis.

To hide offensive comments and messages:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Go to the Privacy and security section;
4. Scroll down to the Hidden Words section;
5. Turn on the following options:
6. Hide comments — to enable the built-in Instagram filter (the feature is enabled by default);
7. Advanced Comment Filtering — for even more thorough filtering of comments under your posts;
8. Hide Message Requests — to hide message requests that may be insulting.

You can also set a custom list of words, comments with which will be hidden from you:

1. Scroll up the page and click Edit Comment Settings in the Comments section;
2. Add words, expressions, numbers and emojis, comments with which you want to hide in the Comment filtering field and click Submit to configure your custom filter;
3. Select Hide Comments to apply a custom list of hidden words.

What for: To avoid unpleasant people.

If you want to stop communicating with a specific user, you can block them. As soon as an unwanted person is blocked, you will automatically unsubscribe from each other (if you were subscribed), and all their likes and comments on your content will disappear.

To block a user:

1. Go to this user's page;
2. Click the three dots in the upper right corner of the screen;
3. Select Block and confirm your choice.

Blocked users will not be able to view your profile, comment your content, or send you private messages. In this case, the user will not know that you blocked them.

What for: To avoid spammers.

When someone sends you a private message for the first time, you first receive a message request from them, which is displayed in the corresponding tab of the personal messages screen. To start messaging with this person, you need to accept the message request first. However, you will still see the content of these requests, which you may not like.

To stop receiving message requests from strangers:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Go to the Privacy and security section;
4. In the Messages section, click Manage Message Settings;
5. In the Other on Instagram and Others on Facebook items, select the Don't Receive Requests option;
6. If you have a Facebook account added, repeat this action for the following items:
7. Friends of Friends on Facebook;
8. People who have your phone number.



Social network users can also add you to group chats (groups). This feature can be used by spammers. To stop receiving unwanted messages:

1. Scroll down to the Group Settings section;
2. In the Who can add you to groups item, select the Only people you follow on Instagram option.

What for: So that your followers don't upset you.

Let's say one of your followers started bothering you in comments or private messages, but for some reason you don't want or can't block them permanently. In this case, you can restrict the ability of a particular user to interact with you and your account.

To protect yourself from prying or unpleasant followers:

1. Navigate to the profile of the person with whom you would like to minimize interaction to a safe minimum;
2. Click the three dots in the upper right corner of the screen and select Restrict;
3. Confirm your choice.

Now the comments of this person on your posts will be seen only by you and them, and for you they will be hidden until you decide that you want to read them. Your correspondence with this user will be hidden from the chat list, and the user will not know when you are online.

What for: So that only your close friends have access to your stories.

By default, your stories are visible to all followers. However, you can stop specific users from viewing them. This can be helpful if you use stories to post personal photos and videos that you do not wish to share with everybody.

To configure the visibility of stories:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Go to the Privacy and security section;
4. In the Story section, click Edit story settings;
5. Click Hide story from;
6. In the window that opens, select the followers from whom you want to hide your stories.

You can also show your stories only to a limited number of followers added to the list of close friends.

To create or edit this list:

1. Go back to the Story Settings;
2. Click Close Friends;
3. In the window that opens, select the followers you want to add to the list of close friends.

To make a story visible only to close friends, while publishing the story click the green icon with a star at the bottom of the screen.

What for: To keep your posts from being shared beyond the intended audience.

By default, Instagram users can add your posts to their stories, as well as share them and your stories in private messages with other users and add them to guides. You can stop others from using your posts:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Go to the Privacy and security section;
4. In the Story section, click Edit story settings;
5. Disable the following options in the Post section:
6. Allow Resharing to Story — to stop other users from adding your posts to their stories. You will not see this item if you have a private account;
7. Allow Sharing as Message — to stop other users from sharing your stories as messages;
8. Go back to the Privacy and Security section;
9. In the Guides section, disable the Allow others to use your posts option.

What for: To prevent cybercriminals from getting hold of your personal information.

By default, your posts are visible to all Instagram users. Search engines can also include your posts in search results. If your profile is public, information in posts can be used against you. For example, information about your personal life can help telephone fraudsters to make up a convincing story in order to steal money from your bank accounts.

You can make your account private to make your posts visible only to approved followers:

1. Click More in the lower left corner of the screen;
2. Select Settings;
3. Go to the Privacy and security section;
4. Select the Private Account check mark in the Switch to Private section and confirm your choice.

Existing followers will still be able to see your posts. You can remove those followers with whom you do not want to share your posts:

1. Go to your profile and click the number of followers at the top of the screen;
2. Find the person you want to delete and click Remove to the right of the Follow tab;
3. Click Remove in the window that opens and confirm your selection.

The user will not be notified that you have removed him from the list of followers.

Keep in mind that when you share a post from a private Instagram account on a different social network, post visibility will depend on settings of this social network and not Instagram.

What for: Not to lose money.

You can remove information about payment methods from your Instagram account. This cannot be done in the Web version; follow instructions to configure the iOS or Android app.