Take 5 Minutes and Check These Facebook Privacy Settings
Can't remember the last time you gave your account a checkup? We'll walk you through what you should do to better protect your personal information.
Jason CiprianiContributing Writer, ZDNet
Jason Cipriani is based out of beautiful Colorado and has been covering mobile technology news and reviewing the latest gadgets for the last six years. His work can also be found on sister site CNET in the How To section, as well as across several more online publications.
Facebook (and its parent company, Meta) has some issues around data privacy, and you may be wondering what you can do to better protect your personal information while using the popular social network. I suggest doing regular privacy check ups every few months. Doing so will help you keep up with the constant changes Facebook makes and will help you keep tabs on random apps you grant access to your information.
Facebook, after all, is one of the largest online hoarders of our personal data. Because of that, our private info is a prime target for would-be bad actors. Accessing your information doesn't always mean gaining direct access to your account due to a poor password. Instead, as we learned a few years ago from the Cambridge Analytica scandal, approving a rogue app can do just as much damage.
So while I have your attention and you're thinking about it, take a few minutes to secure your Facebook account. I recommend going through the steps outlined below on a computer -- not your phone. It makes it easier to read all the pertinent information while you make adjustments. Keep reading to learn how to set a strong password, limit how others can search for you and prevent Facebook from keeping your location history.
Once you have a new password, turn on two-factor authentication. With 2FA enabled, you'll need to enter your secure password and a randomly generated code whenever you sign in to your account. (You really should be using 2FA on every account and service that supports it.)
Most password managers have the ability to store your two-factor authentication codes, as well. However, you can always use Google Authenticator to store and provide access to your codes if needed.
Go through Privacy Settings and Tools
Facebook has a dedicated Privacy section for your account. In this section, you can do things like set the default privacy setting for future posts, control who can send you friend requests and decide what information people can use to search for your account.
Go through each and every option on the privacy settings and tools page and adjust each one to your liking. I suggest setting your future posts to "Friends" and limiting the phone number and email address search options to "Friends" or "Only Me" to ensure that anyone with just a piece of your personal info can't find your account.
Remove past posts from the public eye
The way we use social networks has changed quite a bit, especially as we become more aware of just how Facebook, and those on Facebook, can use our personal information.
Thankfully, you can limit your past posts from being visible to anyone who might stumble across your profile.
Go to the Privacy section and find Limit the audience for posts you've shared with friends of friends or Public? and click on it. Next, click the button labeled Limit Last Posts. Facebook will then convert anything you've ever shared publicly or with friends of friends to being visible by only your friends, thus limiting who can see it.
It's an all-or-nothing setting. Meaning, you can't pick and choose which posts you want to change via this setting. If you want to do that, you'll have to manually go through your timeline and make those changes individually.
Audit devices with access to your account
Over the years, we've all signed into our Facebook accounts on different phones, computers, tablets and various other devices. Facebook keeps a log of the devices that have access to your account, and makes it easy to revoke access to a rogue device or one you forgot to log out of.
View a list of all those devices under the Where You're Logged In section of the Security and Login page. If you have several devices, click on See More to view the entire list. To remove a device from the list, click on the three-dot icon to the right of the device's name and then Log Out. You'll be asked whether or not you want all posts that came from that device to be removed from your account as well; a convenient feature should someone have gained access to your account and posted without your permission.
Alternatively, you can sign out of every device linked to your account by clicking See More > Log Out Of All Sessions at the bottom of the list. I found a couple of devices from 2012 that still had access to my account while writing this article -- yikes. I logged out of all devices to start with a clean slate as a result. The few seconds I'll spend logging back in each time I use a device that was revoked is well worth the peace of mind.
Don't forget to look through apps with access
In that same vein, we've all granted countless apps access to our Facebook account. Over time, some apps are abandoned by developers and ultimately become a security risk. Should someone gain access to the app's database of users, they could -- in theory -- gain access to some features and information stored in your Facebook account.
Visit the Apps and Websites page to view the Active apps that have access to your account. If you have an expired app, like I do in the screenshot above, or apps you no longer want to retain access to your Facebook account, click the Remove button to the right of the app's name.
Turn off, delete Location History on your phone
Facebook uses its access to location data from your phone to create a map of your location history. You can delete your location history here, or if you'd rather Facebook not store your location history at all, you can turn off location history on that same page.
On an Android phone, open the Facebook app and then tap on the three-line icon. Under Settings & Privacy select Privacy Shortcuts followed by Manage your location settings on the Privacy card. Next, select Location History > View your Location History and enter your account password when asked. Finally, tap on the three-dot icon in the top-right corner and select Delete all Location History.
The process is similar on an iPhone. Open the Facebook app and tap on the three-line icon, then Settings & Privacy then select Privacy Shortcuts followed by Manage your location settings on the Privacy card. Select Location History > View your Location History and enter your account password when asked. Finally, tap on the three-dot icon in the top-right corner and select Delete all Location History.