Facebook regularly changes security and privacy settings (some say they do so too often). That’s why it makes sense to check from time to time for any new or changed options. In this post, we explain Facebook security settings in detail.
Security settingsThere are two ways to get to this tab. The quickest is to click the globe icon in the upper right corner (usually you use this button to look through your latest notifications) and choose Settings. Very slightly more involved: Click the arrow button near that globe and find Settings in the drop-down list.
Within Settings, choose the Security tab. Here you’ll see the list of settings that help you secure your account. If you want to read detailed description of any setting just click Edit.
What do all of these settings mean?Let us explain them — all are worth your attention.
Login Alerts. Facebook stores a list of the computers, gadgets, and browsers you usually use to log in to your account. Turn alerts on to allow the social network to send notifications to your e-mail any time it detects authorization from a new device. Consequently, you will be alerted if somebody unwelcome logs in to your account. If that happens, change your password to keep them out. We recommend enabling this useful feature.
Login Approvals. This is Facebook’s two-factor authentication. After you enable this feature, the first time you log in to the social network from a new device you will receive a digital PIN by SMS (text message), and you’ll need to enter that with your password. It’s a minor hassle, totally worth the added peace of mind. Highly recommended!
Here you can also get 10 “emergency” single-use codes. They will come in handy in cases when you cannot receive an SMS message. For example, if you’ve lost your smartphone and want to change your Facebook password — but you can’t because you don’t have your phone. That’s when you’ll be glad you have those codes.
Code Generator. With this feature you can use codes from the Facebook mobile app instead of SMS, or choose another app. If you already use a good code generator (for example, Google Authenticator) why not link it with Facebook as well?
Use it or not — it’s up to you. But we recommend you at least give it a try.
App Passwords. You’ll need this option if you use your Facebook account to log in to some third-party apps and services, if two-factor authentication for your account is turned on, and if those features don’t play well with each other. Instead you can get login approvals for each app. You can read more about them here.
Public Key. In this tab, you can publish your OpenPGP public key. If you do so, the key will be displayed in your account info. Then, your friends can use the key to send you encrypted letters — so even if a letter gets into the wrong hands, no unintended recipient will be able to read it.
Here’s how it works, in brief. You receive two keys — public and private. Your friends and acquaintances use your public key to encrypt messages they send you. When you receive such a message, you use your secret code to decrypt it. This is called asymmetric cryptography — encrypting messages with one key and decrypting with another.
In practice it is not very convenient, but it does work. Even if somebody hacks your e-mail they will not be able to read your conversations as long as you are the only holder of the private key.
This is also where you can turn on the option to have Facebook encrypt any e-mails it sends you.
Your Trusted Contacts. Here you can choose the users to ask for help if you lose access to your account. In that event, you’ll call them and ask them to tell you a single-use password. Enter it and your access will be restored. Here is a detailed explanation of how it all works.
Keep in mind: The security of your account depends on your trusted contacts, so choose reliable people.
Recognized Devices. This is the list of remembered browsers and apps on the devices you use to log in to Facebook. When you connect to the social network from one of these devices, Facebook won’t send you a login alert.
By the way, don’t forget to clear this list from time to time. And definitely do it if you lose a device.
Where You’re Logged In. This useful setting lets you check on which devices you are logged in to Facebook. Did you use the social network on a friend’s PC but forgot to log out? Or worse, on a public computer at the library? Do you see a suspicious session that you’re sure you didn’t initiate? Close all of those sessions — and change your password.
Legacy Contact. Legacy contacts are people who can look after your page in the event of your death: write a pinned post for your profile, respond to new friend requests, or update your profile picture. This person will not be able to publish posts as if they were you. Here is more about this feature.
Deactivate Your Account. If you want to take a break from Facebook, you can temporarily deactivate your account. Your posts will be hidden, but you’ll be able to come back whenever you want, simply by logging in to Facebook again.
(You can also delete your Facebook account forever, but that option is not available under Settings. Here is the secret link for that.)
Two other useful optionsWithin Settings, open the General tab. In addition to personal information, you’ll see here the date when you last changed your password. We highly recommend changing your passwords from time to time — and of course using reliable combinations.
In addition, you’ll find the Download a Copy of Your Facebook Data button here. We often post important things on social networks but may neglect to back them up elsewhere: for example, photos and videos from a marriage ceremony or images with your little child. If you lose your files for any reason, you’ll be able to restore at least the ones you posted on Facebook — and this feature saves combing through a lot of posts.
Finally, we’d like to add that criminals often use Facebook to send phishing messages and malicious links. In this post we explain how it happens and how to avoid it.