Harden your Facebook account

Nowadays, social media is a significant part of our everyday lives. We must make sure that we keep this part of our lives under control. Failing to do so may have significant repercussions, such as identity theft (somebody impersonating your online profile).

Facebook is by far the most used social media portal. This is why it is important to have this account carefully configured so that no one except you can access it.

In order to configure the access to your Facebook account, you must go to Home -> Account Settings. You will see a menu like the one below.

After choosing the first option, you must select the second entry, Security, from the left side menu:


You can select in this window a couple of options. Read below what each of them means.

  • Secure Browsing – if activated, no matter where you are, as soon as you log in to your account you will use Facebook over an encrypted connection. It is highly recommended to always activate this option.
  • Login Notifications – can notify you when your account is accessed from a computer or mobile device that you haven’t used before. There are two notification methods available:
  • Login Approvals – requires you to enter a security code each time an unrecognized computer or device tries to access your account. Recommended to be activated. This requires a mobile phone to be set up in the account.
  • App Passwords – if Login Approvals is activated, some Apps might not be able to function because they are not ready to work with codes. Instead, you can generate a password for these Apps which is different from your Facebook password. This allows more granular control over your security. Highly recommended if you use third-party Apps.
  • Recognized Devices – Facebook will store a cookie on your device as soon as you log in. If that cookie is no longer found, Facebook will consider the device you are using a new one and will ask for authentication. If you use many computers, enabling this option is highly recommended.
  • Active Sessions – this option allows you to remotely control the sessions which are using your account. This means nothing other than removing, on the server side, the cookie which was created on login. If you think that your account was misused, the first thing to do is to end all active sessions and change your password.
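
The following Python sketch is an added example, not part of the original article and not Facebook's code: a constructed server-side model of how the Login Approvals, Recognized Devices and Active Sessions options described above fit together. The `Account` class and all of its method names are hypothetical.

```python
import hashlib, hmac, secrets

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class Account:
    """Constructed server-side model of one account; not Facebook's code."""

    def __init__(self, password):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = _hash(password, self.salt)
        self.known_devices = set()  # device cookies issued after an approved login
        self.sessions = {}          # session cookie -> device label (Active Sessions)
        self.pending_code = None    # stands in for the code sent to the phone

    def login(self, password, device_cookie=None, code=None, label="unknown"):
        """Return (status, session_cookie, device_cookie)."""
        if not hmac.compare_digest(_hash(password, self.salt), self.pw_hash):
            return "denied", None, None
        if device_cookie not in self.known_devices:
            # Login Approvals: an unrecognized device must present the code.
            expected, self.pending_code = self.pending_code, None
            if not (code and expected
                    and hmac.compare_digest(code.encode(), expected.encode())):
                self.pending_code = f"{secrets.randbelow(10**6):06d}"
                return "code_required", None, None
            # Recognized Devices: remember this device with a fresh cookie.
            device_cookie = secrets.token_urlsafe(16)
            self.known_devices.add(device_cookie)
        session = secrets.token_urlsafe(32)
        self.sessions[session] = label
        return "ok", session, device_cookie

    def is_active(self, session_cookie):
        return session_cookie in self.sessions

    def end_all_sessions(self):
        # Deleting the server-side records invalidates every cookie copy at once.
        self.sessions.clear()

    def change_password(self, new_password):
        self.salt = secrets.token_bytes(16)
        self.pw_hash = _hash(new_password, self.salt)
```
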

The last option on this page is to deactivate your account. Think twice before doing this.

I will also post tips in the near future on how to improve the privacy of your Facebook account.


Update: Meanwhile, you can even enable two-factor authentication for Facebook.




About the Author

Sorin Mustaca, (ISC)2 CSSLP, CompTIA Security+ and Project+, has worked in the IT security industry since 2000 and, until 2014, for Avira as Product Manager, where he was responsible for the known products used by over 100 million users worldwide. Serving the security needs of so many different users made him think that there are other ways to help users: teaching them about security.
