
12 Steps To Secure Your Facebook Account

Facebook got rid of the “trusted contacts” feature. You might’ve seen the notice in the Facebook app last year.

If you had the trusted contacts feature set up, your chosen friends will no longer be able to help you get back on Facebook if you lose access to your account. Ugh.

Most likely, this is yet another of the myriad features Facebook chooses to nix without explanation because not that many people were using it. Which could be tens of millions, but not hundreds of millions or a billion or more.

The way Facebook worded the notification, it was definitely confusing and not clear… typical FB. 

“Trusted contacts ends soon.” could be interpreted to mean it’s time to review, change, edit or update your trusted contacts… Certainly that was my very first thought. Hmph.

I would reword the notification to, “Facebook is removing the trusted contacts feature altogether (on xyz date). But, rest assured, here are 12 ways to protect your account and stay safe.” There, much better! 

SO, whether you had trusted contacts set up in the past or not, here is a solid checklist of all the actions you should absolutely have in place to ensure your Facebook account is super solid, safe and secure.

Follow These 12 Action Steps to Secure Your Facebook Account

On desktop or mobile, navigate to your Facebook Settings and follow these steps.

Step #1: Set up 2-factor or multi-factor authentication

2FA (two-factor authentication) or MFA (multifactor authentication) is an absolute MUST. In fact, get this: if you’re running ads, your ads will quite possibly perform better so long as EVERY admin of your Page has 2FA set up.

This is the most critical step. And, not only that, you might even see ever-so-slightly better organic reach so long as every admin of your Page has 2FA set up!! Yes, it’s that vital! So, get ‘er done, my friends!

You access 2FA under your Security and Login settings.

Most people utilize SMS to receive a code via text message. BUT, that is actually not the most secure way to set up 2FA as phone numbers can be spoofed. Ugh, I know, right?!

So, for optimal security, it’s much more effective to use an Authenticator app. I cannot stress this strongly enough! Google Authenticator (iOS or Android) and Duo Mobile are among the top authenticator apps.

If you’re not a techie and find it confusing to have a separate mobile app that generates codes for you to use to log in to your vital sites, please get some help from a trusted person who understands this process. It’s really not that difficult, though!

Step #2: Only use long and cryptic passwords

Ensure your password is long and cryptic. If you can remember your password (for anything!), it’s not cryptic enough.

So long as you are using a strong password – along with 2FA – you shouldn’t need to change your password that often. But, some security experts suggest changing your password every few months.

Step #3: Set up a USB Security Key for maximum security

For maximum security, ALSO set up a USB Security Key.

For more information, suggested devices and instructions, here’s a helpful post on Tom’s Guide: “What is a USB security key, and how do you use it?”

Step #4: Always use a trusted password manager tool

Do not ever rely on your memory or a non-secure way of logging passwords. Always use a reputable password manager tool, e.g. LastPass, 1Password, etc.

Step #5: Do not share your login credentials

Never ever share your login credentials with anyone, for any reason.

To share access to your business page, use Business Manager or Business Suite and add Admins with appropriate roles, ensuring they also have 2FA set up.

Step #6: Enable login alerts

Set up extra security by enabling “Get alerts about unrecognized logins.” Select notifications on Facebook and by email.

NOTE: Facebook used to have the option to get login alerts via Messenger and/or SMS, but those two options are going away. Instead, only in-app notifications + email are options, which is still just fine!

Step #7: Check Logged In Sessions

Periodically check your Logged In Sessions and remove any that you no longer need. This is especially vital if you ever used a public or shared computer to access your Facebook account.

Step #8: Review connected Apps and Websites

Under Settings, periodically check which Apps and Websites are connected to your Facebook account and still have active access. Remove any you no longer need or use.

Step #9: Review your Business Integrations

Regularly review your Business Integrations – these are apps and services that you’ve used Facebook to log into. Again, remove any you no longer need or use.

Step #10: Large following? Consider hiding

You might want to hide your Friends and Followers on your personal profile if you have a large number of them. The setting is under the 3 dots on your Friends or Followers tab. This is particularly important for profiles that get impersonated as it looks very enticing to a scammer to be able to act as you and try to scam your entire network.

The bad actors create a new account with a name that looks very close to yours; they’ll use your profile picture, send friend requests to all your publicly visible friends and then spam them with scam links. This icky scam was very prevalent on Instagram for the longest time, causing some account owners to switch to a private account.

If your account ever does get impersonated on Facebook and/or Instagram (not hacked, but impersonated with a new/similar account name), all you can do really is report the offending account. And ask your friends and followers to report it for impersonating you.

Step #11: Be ultra careful with suspicious links

Always be very careful to check any links sent to you via DM and/or email that seem to come from Meta / Facebook (or even from trusted friends, as it’s possible they got hacked).

Phishing is rampant these days and the scammers are getting cleverer by the day; it’s all too easy to fall prey to something that looks too good to be true. If in doubt, do not click!

Step #12: Review browser extensions

Make sure to keep your web browser up to date and remove any suspicious applications or browser add-ons or extensions.

Bonus Step: Download your information

This setting allows you to download everything you’ve ever posted on Facebook. It’s a solid best practice for both your personal profile and business Page, as at least you would own a backup off of Facebook (just like you back up your website or blog).

I would recommend downloading your information a minimum of once a year, but maybe 2-4 times a year depending on how much you post! (See Step #9.9 on this post).

Related: Facebook account hacked? Business Manager hacked? Here’s how to get help

Hopefully you’ll be more confident about how secure your Facebook account is after taking these 12 steps!

Let’s connect!

Make sure you’re following my Facebook Page to stay up to date with all things Facebook and social media marketing.

For our fellow small business owners, social media professionals, entrepreneurs, marketers, agencies – if you’re not already a member, do join my Social Scoop Facebook Group for tons of wonderful peer support and access to me and my team. We keep over 22,000 members up to date on the latest Facebook & social media news, platform changes, updates, tools, and tips.


Need help with your Facebook marketing? Join the wait list for my most popular program #FBOMM: Facebook Organic Marketing Masterclass Season Five is coming soon!

Mari Smith

Often referred to as “the Queen of Facebook,” Mari Smith is widely known as the Premier Facebook Marketing Expert and a top Social Media Thought Leader. Forbes describes Mari as, “… the preeminent Facebook expert. Even Facebook asks for her help.” IBM named Mari as one of seven women that are shaping digital marketing. Mari is an in-demand keynote speaker, corporate social media strategist, dynamic live webcast host, and popular brand ambassador. She is coauthor of Facebook Marketing: An Hour A Day, and author of The New Relationship Marketing.
