The following has been taken from an article at Naked Security by Lee Munson (https://nakedsecurity.sophos.com/2014/05/27/5-tips-to-make-your-facebook...)
Last year we gave you 5 tips to make your Facebook account safer.
But Facebook likes to change things, and now some of those tips are a bit outdated.
So here’s an update – have you done all five?
1. MAKE SURE ONLY YOUR FRIENDS CAN SEE YOUR TIMELINE POSTS
You don’t want strangers checking you out on Facebook (presumably) so make sure you limit who can view your Facebook timeline.
While the key elements of your profile (name, picture, cover photo, etc.) are viewable by everyone, many other aspects of your timeline can be blocked from prying eyes.
First, make sure all your future posts are locked down. Click on the padlock icon on the top toolbar (on the right hand side), then click ‘Who can see my stuff?’.
Under ‘Who can see my future posts’, choose from:
- Public (which obviously means everyone)
- Only me
- Custom (which allows you to limit some of your friends from seeing your posts)
Pick what’s best for you, but make sure ‘Public’ isn’t selected. Whatever you choose will then become the default every time you post an update (though you still have the option of selectively changing this for each individual update you post in the future).
Now, make sure you limit the audience for your previous posts. Click the arrowhead on the top toolbar (on the right hand side). Choose ‘Settings’.
Click Privacy on the left hand menu, and under ‘Who can see my stuff’, click ‘Limit past posts’. From here you can change all your past post visibility to ‘Friends’.
It’s also worth checking out the visibility of the stuff listed under the ‘About’ section of your profile.
On your timeline, click ‘Update info’ (at the bottom of your cover photo) and then click ‘Edit’ next to the area you wish to change the visibility for.
Once again, choose from the options of ‘Public’, ‘Friends’, ‘Only me’ or a custom list of people.
2. CONTROL WHO CAN CONTACT YOU ON FACEBOOK
Click on the padlock icon on the top toolbar (on the right hand side), then click ‘Who can contact me’.
By default this is set up as ‘Basic Filtering’ to allow friends and people you may know the opportunity to send you a message.
If you want only friends to be able to contact you, you can increase the filtering on your inbox. Other messages will then be diverted to your ‘other’ folder which you can access from the Messages screen.
To do this, click ‘Strict Filtering’ under ‘Whose messages do I want filtered into my Inbox?’
From this area of the screen you can also limit who is able to send you a friend request, choosing between everyone or just friends of your friends.
3. CONTROL WHO CAN DISCOVER YOUR PROFILE BASED ON YOUR EMAIL ADDRESS AND/OR TELEPHONE NUMBER
If you wish to control who can find you based on the email address or telephone number you used to sign up to Facebook then you can do so by first clicking on the arrowhead at the top right of any page and then clicking ‘Settings’.
Next, select ‘Privacy’ from the menu on the left hand side of the page and look for the ‘Who can look me up?’ option.
You will notice that there are separate settings for both your email address and telephone number.
Click ‘Edit’ next to each to choose Friends, Friends of Friends or Everyone.
4. SET UP LOGIN NOTIFICATIONS
You can set Facebook up to send you an alert every time your account is accessed from an unknown computer or other device. This can be a handy way of receiving a warning should someone gain unauthorised access to your account.
Again, click the arrowhead at the top right of any page and choose ‘Settings’.
Choose ‘Security’ from the menu on the left hand side.
‘Login notifications’ is the top option available so click ‘Edit’.
Choose from receiving either an email and/or a text message/push alert. Click ‘Save Changes’. Login notifications are now active on your account.
5. TURN ON LOGIN APPROVALS
You can choose to have an extra layer of security when accessing your account from an unknown browser. Facebook will send a code to your phone which you will then need to use to log in.
Click the arrowhead at the top right of any page and choose ‘Settings’, then ‘Security’ from the left hand menu.
Tick the box that says ‘Require a security code to access my account from unknown browsers’. Facebook will then take you through the process of setting up login approvals so click on ‘Get Started’ to begin.
Once you have set up login approvals you will only need to enter a code when you try to log in from a new device. It is a feature that makes it that much harder for a hacker to gain access to your account and as such is well worth enabling.
Note: if your browser clears your history on exit, or has private browsing switched on, you may need to enter a code every time you log in.
These are just a few of the quick and simple measures you can take to protect your Facebook account.
If you have other tips of your own to share then please do leave them in the comments below.
And if you would like to keep up to date with the latest Facebook scams and other internet threats, please like the Naked Security page on Facebook.