Everything you need to know about Facebook security settings

Facebook regularly changes its security settings. Take a look: A useful new setting may have appeared since the last time you checked.

Facebook breached, account tokens leaked, here's what you need to know

So, you created a Facebook account, probably more than a few years ago. And maybe you even set it up well, checking through all of the available privacy and security settings and making careful choices. But have you opened the Settings tab since then? Or, be honest, did you just jump in that first day, promising to find the time to muddle through your options later on? In any case, this post is for you.

Facebook regularly changes security and privacy settings (some say they do so too often). That’s why it makes sense to check from time to time for any new or changed options. In this post, we explain Facebook security settings in detail.

Security settings

There are two ways to get to this tab. The quickest is to click the globe icon in the upper right corner (usually you use this button to look through your latest notifications) and choose Settings. Very slightly more involved: Click the arrow button near that globe and find Settings in the drop-down list.

Within Settings, choose the Security tab. Here you’ll see the list of settings that help you secure your account. If you want to read detailed description of any setting just click Edit.

Everything you need to know about Facebook security settings

What do all of these settings mean?

Let us explain them — all are worth your attention.

Login Alerts. Facebook stores a list of the computers, gadgets, and browsers you usually use to log in to your account. Turn alerts on to allow the social network to send notifications to your e-mail any time it detects authorization from a new device. Consequently, you will be alerted if somebody unwelcome logs in to your account. If that happens, change your password to keep them out. We recommend enabling this useful feature.

Facebook security settings guide

Login Approvals. This is Facebook’s two-factor authentication. After you enable this feature, the first time you log in to the social network from a new device you will receive a digital PIN by SMS (text message), and you’ll need to enter that with your password. It’s a minor hassle, totally worth the added peace of mind. Highly recommended!

Facebook security settings guide

Here you can also get 10 “emergency” single-use codes. They will come in handy in cases when you cannot receive an SMS message. For example, if you’ve lost your smartphone and want to change your Facebook password — but you can’t because you don’t have your phone. That’s when you’ll be glad you have those codes.

Code Generator. With this feature you can use codes from the Facebook mobile app instead of SMS, or choose another app. If you already use a good code generator (for example, Google Authenticator) why not link it with Facebook as well?

Everything you need to know about Facebook security settings

Use it or not — it’s up to you. But we recommend you at least give it a try.

App Passwords. You’ll need this option if you use your Facebook account to log in to some third-party apps and services, if two-factor authentication for your account is turned on, and if those features don’t play well with each other. Instead you can get login approvals for each app. You can read more about them here.

Everything you need to know about Facebook security settings

Public Key. In this tab, you can publish your OpenPGP public key. If you do so, the key will be displayed in your account info. Then, your friends can use the key to send you encrypted letters — so even if a letter gets into the wrong hands, no unintended recipient will be able to read it.

Facebook regularly changes its security settings. Take a look: A useful new setting may have appeared since the last time you checked.

Here’s how it works, in brief. You receive two keys — public and private. Your friends and acquaintances use your public key to encrypt messages they send you. When you receive such a message, you use your secret code to decrypt it. This is called asymmetric cryptography — encrypting messages with one key and decrypting with another.

In practice it is not very convenient, but it does work. Even if somebody hacks your e-mail they will not be able to read your conversations as long as you are the only holder of the private key.

This is also where you can turn on the option to have Facebook encrypt any e-mails it sends you.

Your Trusted Contacts. Here you can choose the users to ask for help if you lose access to your account. In that event, you’ll call them and ask them to tell you a single-use password. Enter it and your access will be restored. Here is a detailed explanation of how it all works.

Facebook regularly changes its security settings. Take a look: A useful new setting may have appeared since the last time you checked.

Keep in mind: The security of your account depends on your trusted contacts, so choose reliable people.

Recognized Devices. This is the list of remembered browsers and apps on the devices you use to log in to Facebook. When you connect to the social network from one of these devices, Facebook won’t send you a login alert.

Facebook regularly changes its security settings. Take a look: A useful new setting may have appeared since the last time you checked.

By the way, don’t forget to clear this list from time to time. And definitely do it if you lose a device.

Where You’re Logged In. This useful setting lets you check on which devices you are logged in to Facebook. Did you use the social network on a friend’s PC but forgot to log out? Or worse, on a public computer at the library? Do you see a suspicious session that you’re sure you didn’t initiate? Close all of those sessions — and change your password.

Facebook regularly changes its security settings. Take a look: A useful new setting may have appeared since the last time you checked.

Legacy Contact. Legacy contacts are people who can look after your page in the event of your death: write a pinned post for your profile, respond to new friend requests, or update your profile picture. This person will not be able to publish posts as if they were you. Here is more about this feature.

Facebook security settings guide

Deactivate Your Account. If you want to take a break from Facebook, you can temporarily deactivate your account. Your posts will be hidden, but you’ll be able to come back whenever you want, simply by logging in to Facebook again.

Everything you need to know about Facebook security settings

(You can also delete your Facebook account forever, but that option is not available under Settings. Here is the secret link for that.)

Two other useful options

Within Settings, open the General tab. In addition to personal information, you’ll see here the date when you last changed your password. We highly recommend changing your passwords from time to time — and of course using reliable combinations.

Facebook regularly changes its security settings. Take a look: A useful new setting may have appeared since the last time you checked.

In addition, you’ll find the Download a Copy of Your Facebook Data button here. We often post important things on social networks but may neglect to back them up elsewhere: for example, photos and videos from a marriage ceremony or images with your little child. If you lose your files for any reason, you’ll be able to restore at least the ones you posted on Facebook — and this feature saves combing through a lot of posts.

Finally, we’d like to add that criminals often use Facebook to send phishing messages and malicious links. In this post we explain how it happens and how to avoid it.

Tips