X

Take 5 Minutes and Check These Facebook Privacy Settings

Can't remember the last time you gave your account a checkup? We'll walk you through what you should do to better protect your personal information.

Jason Cipriani Contributing Writer, ZDNet
Jason Cipriani is based out of beautiful Colorado and has been covering mobile technology news and reviewing the latest gadgets for the last six years. His work can also be found on sister site CNET in the How To section, as well as across several more online publications.
Jason Cipriani
5 min read
Facebook logo on phone screen

Facebook isn't known for amazing privacy practices, so you may want to take things into your own hands. 

Sarah Tew/CNET

Facebook (and its parent company, Meta) has some issues around data privacy, and you may be wondering what you can do to better protect your personal information while using the popular social network. I suggest doing regular privacy check ups every few months. Doing so will help you keep up with the constant changes Facebook makes and will help you keep tabs on random apps you grant access to your information.

how-to-tech-tips-logo-badge.png

Facebook, after all, is one of the largest online hoarders of our personal data. Because of that, our private info is a prime target for would-be bad actors. Accessing your information doesn't always mean gaining direct access to your account due to a poor password. Instead, as we learned a few years ago from the Cambridge Analytica scandal, approving a rogue app can do just as much damage. 

So while I have your attention and you're thinking about it, take a few minutes to secure your Facebook account. I recommend going through the steps outlined below on a computer -- not your phone. It makes it easier to read all the pertinent information while you make adjustments. Keep reading to learn how to set a strong password, limit how others can search for you and prevent Facebook from keeping your location history.

Watch this: Facebook's Horizon Workrooms: A VR office app you can bring your laptop into

Use a strong password and two-factor authentication 

The first things you should do to secure your Facebook account are to create a strong password and enable two-factor authentication. This might seem obvious, but the importance can't be overstated. You'll also want to make sure you're not using the same password for crucial accounts like your banking app. Use a password manager to help create and, most importantly, remember your unique passwords (these are our top picks for best password manager). Go to the Security page and change your password.

"Use two-factor authentication" highlighted on an options screen

Strong passwords and two-factor authentication are incredibly important. 

Screenshot by Jason Cipriani/CNET

Once you have a new password, turn on two-factor authentication. With 2FA enabled, you'll need to enter your secure password and a randomly generated code whenever you sign in to your account. (You really should be using 2FA on every account and service that supports it.)

Read more: Best Password Manager to Use for 2022

Most password managers have the ability to store your two-factor authentication codes, as well. However, you can always use Google Authenticator to store and provide access to your codes if needed.

Facebook privacy settings screen

Take time to go through each Facebook privacy setting and tailor it to your liking. 

Screenshot by Jason Cipriani/CNET

Go through Privacy Settings and Tools

Facebook has a dedicated Privacy section for your account. In this section, you can do things like set the default privacy setting for future posts, control who can send you friend requests and decide what information people can use to search for your account.

Go through each and every option on the privacy settings and tools page and adjust each one to your liking. I suggest setting your future posts to "Friends" and limiting the phone number and email address search options to "Friends" or "Only Me" to ensure that anyone with just a piece of your personal info can't find your account.

Remove past posts from the public eye

Limit past post options screen

There's no telling what kind of personal information you shared several years ago on Facebook. Limit past posts to prevent that information from being public. 

Screenshot by Jason Cipriani/CNET

The way we use social networks has changed quite a bit, especially as we become more aware of just how Facebook, and those on Facebook, can use our personal information.

Thankfully, you can limit your past posts from being visible to anyone who might stumble across your profile.

Go to the Privacy section and find Limit the audience for posts you've shared with friends of friends or Public? and click on it. Next, click the button labeled Limit Last Posts. Facebook will then convert anything you've ever shared publicly or with friends of friends to being visible by only your friends, thus limiting who can see it.

It's an all-or-nothing setting. Meaning, you can't pick and choose which posts you want to change via this setting. If you want to do that, you'll have to manually go through your timeline and make those changes individually.

Audit devices with access to your account

Screen showing devices that have access to a Facebook account

You may end up surprised at how many devices have access to your Facebook account. 

Screenshot by Jason Cipriani/CNET

Over the years, we've all signed into our Facebook accounts on different phones, computers, tablets and various other devices. Facebook keeps a log of the devices that have access to your account, and makes it easy to revoke access to a rogue device or one you forgot to log out of.

View a list of all those devices under the Where You're Logged In section of the Security and Login page. If you have several devices, click on See More to view the entire list. To remove a device from the list, click on the three-dot icon to the right of the device's name and then Log Out. You'll be asked whether or not you want all posts that came from that device to be removed from your account as well; a convenient feature should someone have gained access to your account and posted without your permission.

Alternatively, you can sign out of every device linked to your account by clicking See More > Log Out Of All Sessions at the bottom of the list. I found a couple of devices from 2012 that still had access to my account while writing this article -- yikes. I logged out of all devices to start with a clean slate as a result. The few seconds I'll spend logging back in each time I use a device that was revoked is well worth the peace of mind.

Don't forget to look through apps with access

Screen showing apps with access to a Facebook account

Keeping tabs on the apps with access to your Facebook account is just plain smart. 

Screenshot by Jason Cipriani/CNET

In that same vein, we've all granted countless apps access to our Facebook account. Over time, some apps are abandoned by developers and ultimately become a security risk. Should someone gain access to the app's database of users, they could -- in theory -- gain access to some features and information stored in your Facebook account.

Visit the Apps and Websites page to view the Active apps that have access to your account. If you have an expired app, like I do in the screenshot above, or apps you no longer want to retain access to your Facebook account, click the Remove button to the right of the app's name. 

Facebook logo on phone screen

Don't let Facebook track your location. 

Sarah Tew/CNET

Turn off, delete Location History on your phone

Facebook uses its access to location data from your phone to create a map of your location history. You can delete your location history here, or if you'd rather Facebook not store your location history at all, you can turn off location history on that same page. 

On an Android phone, open the Facebook app and then tap on the three-line icon. Under Settings & Privacy select Privacy Shortcuts followed by Manage your location settings on the Privacy card. Next, select Location History > View your Location History and enter your account password when asked. Finally, tap on the three-dot icon in the top-right corner and select Delete all Location History. 

The process is similar on an iPhone. Open the Facebook app and tap on the three-line icon, then Settings & Privacy then select Privacy Shortcuts followed by Manage your location settings on the Privacy card. Select Location History View your Location History and enter your account password when asked. Finally, tap on the three-dot icon in the top-right corner and select Delete all Location History. 

Not sure you even want to use Facebook anymore? You can delete your account, but it takes some planning on your part. If you just can't get away from Facebook, for whatever reason, here are tips to keep your data secure and some of the best VPN services to try.

Watch this: Is Facebook spying on you?