9 tips to secure your Facebook account and stop unauthorized use

Do you have reasons to believe your Facebook account has been compromised? In this guide, we will show you how to see if someone is using your Facebook account and share essential tips to secure it from further unauthorized access.

While we have used the Facebook app on iPhone to demonstrate the steps below, they should be similar if you want to follow them in a computer browser. Just keep in mind that in the app you tap the Menu button, whereas on a computer you click your profile picture at the top right and select Settings and Privacy.

Check if someone else has access to your Facebook account

Keeping your Facebook account secure is paramount, as it has your private information and can even be used to impersonate you and trick others. In most cases, people close to you (e.g., your spouse) are the ones who have secretly logged into your Facebook account on their device or computer browser.

If you are seeing your new messages getting read even though you did not open that conversation, or if you notice some other changes to your account, like posts you do not recall making, chances are someone has access to your account.

Here’s how to see all the devices where your Facebook account is being used or was used in the past:

1) Open the Facebook app and tap Menu from the bottom right.

2) Go to Settings & privacy > Settings.

3) Tap Password and security from the Meta Accounts Center at the top.

4) Select Password and security once again.

5) Tap Where you’re logged in.

6) Select your Facebook account, and now you can see the devices where you are currently logged in or have been in the recent past. Look closely at the dates to know when your account was last used on that device.

Note:

  • One device may appear multiple times if you delete and reinstall the Facebook app on it.
  • The locations shown here may not be precise.

Secure your Facebook account from others

If you believe your account is frequently used on other people’s devices, here’s how to stop that from happening any longer.

Remove their device

  1. Go through the steps mentioned above to see where your Facebook account is used.
  2. Tap the device that isn’t yours or that you no longer manage. If you can’t tap a device, follow the next method below.
  3. Tap Log out from the subsequent screen.

Log out of all devices where your account is logged in

You may see a huge list of phones and computers on the “Account login activity” screen, and it can get confusing and time-consuming to decide which one to log out of. In that case, you can nuke all previously logged-in devices in one go.

  1. Follow the above steps to see all the devices where your Facebook account is used.
  2. Scroll to the bottom and tap Select devices to log out.
  3. Tap Select all and hit Log out.

Now, your Facebook account will be logged out automatically from everywhere, including unauthorized devices and your other devices.

Change your Facebook password

If someone else is using your account, it’s almost certain they know your Facebook password. Changing it will ensure they can no longer log in.

  1. Open the Facebook app and tap Menu > Settings & privacy > Settings.
  2. Now, tap Password and security > Password and security > Change password.
  3. Select your Facebook account.
  4. Enter your current password, followed by the new password you want to set, and tap Change password.

If you do not remember your current password, look for it in iCloud Keychain or another password manager service you use, like Google Passwords or 1Password. If you still can’t find it, tap Forget your password to reset it.

Make sure your email address and phone number are added to your Facebook account

Once someone with nefarious intentions gets access to your Facebook password, they can change your existing email address and phone number added to your account to something else that they own. After this, the entire account is under their control and they can change the password as well as prevent you from logging into it again!

So, act quickly while you have access to your account, and make sure your email and mobile numbers are added to your Facebook account.

  1. Go inside the Facebook app and tap Menu > Settings & privacy > Settings.
  2. Tap Personal details > Personal details.
  3. Make sure the email and phone numbers you see here are correct.
  4. If not, tap Contact info, select the email or phone number that’s not yours, and hit Delete.

Add more than one backup email

Having a couple of backup email addresses and phone numbers is recommended as that will ensure you have a fallback option in case your main email or phone number is unreachable or compromised.

Follow the steps mentioned in the previous heading to see your contact information. From there, tap Add new contact > Add mobile number or Add email and go through the on-screen steps to add them.

Activate two-factor authentication

Many services, such as Google, Apple, Twitter, Instagram, WhatsApp, and Facebook, support two-factor authentication (2FA). This adds an extra layer of protection to your account.

After you set up 2FA, you will have to enter a one-time code, sent to your mobile or generated by an authenticator app, when you try to log in on a new device. You are asked for this code after entering the correct email and password.

So, even if someone steals your Facebook password or it appears in a data breach, two-factor authentication should still prevent them from logging in.

Here’s how to set up 2FA for your Facebook account:

  1. Open the Facebook app and tap Menu > Settings and privacy > Settings > Password and security > Password and security.
  2. Tap Two-factor authentication.
  3. Select your Facebook account.
  4. Now, set it up using text message or an authenticator app like Google Authenticator, Microsoft Authenticator, or iCloud’s built-in Authenticator. You can even use physical security keys like ones from YubiKey. These physical security keys are similar to small pen drives that plug into your device to authenticate when you want to log in.

If you need assistance, please see our detailed tutorial on setting up 2FA for Twitter. The basics for most services, including Facebook, are similar.

Set up login alerts

  1. Follow the above steps to return to the Password and security screen in the Facebook app.
  2. Tap Login alerts.
  3. Select your Facebook account.
  4. Make sure In-app notifications and Email are checked.

You will now receive notifications and emails when someone logs into your account. You can then quickly take action and log them out or change your account password.

Revoke apps and websites from accessing your Facebook account

While it’s easy to sign up for apps and websites using Facebook, you should make sure that unneeded or shady services do not continue to have access to your profile.

  1. Open the Facebook app and tap Menu > Settings and privacy > Settings.
  2. Scroll down and select Apps and websites.
  3. You will now see the services you have connected to your Facebook account.
  4. Tap the one whose permission you want to revoke and hit Remove from the next screen.
  5. Repeat this process for all such apps and websites.

The above tips should really help keep your account safe.

However, if your Facebook account is hacked and the hacker is posting spam on your wall or messaging friends with shady links, you should try to reset your password and remove their access. After that, report to Facebook that your account was hacked.

Once you regain full control of your account, you can inform your friends via a post that your account was hacked and that they should not visit links the unauthorized user sent them.