Navigation

Facebook Account Settings

By . Last modified: 2014-08-14.

How to set secure Facebook Account Settings - enable secure browsing, login notifications, two-step authentication, etc

To adjust Account Settings, open Account menu (the cogwheel icon on the very right) and click Account Settings:
To change your Facebook account settings such as Facebook Ads privacy and Account Security, open Account menu and click Account Settings.

Click Security tab on the left.

Enabling the Facebook Secure Browsing feature

The first feature, Secure Browsing is a must for every security-aware person at Facebook. As many of you might already know, stealing user names and passwords is really easy if using standard http protocol for logging in to Facebook. First, click Edit on the right.
To turn on Facebook secure browsing feature, click Security on the left and then click Edit on the Secure Browsing line.

To always use secure connection for browsing the Facebook and prevent your credentials from falling in the hands of cybercriminals, make sure to check the Browse Facebook on a secure connection (https) when possible box.
Click Save Changes.
Please note that you will still have to make sure that you are logging in to Facebook at https://www.facebook.com, not http://www.facebook.com!
To turn on Facebook secure browsing feature, put a check mark in Browse Facebook on a secure connection (https) when possible box. Then click Save Changes.

If you see a message for a Facebook application that the content can't be displayed over a secure connection, be aware that clicking Continue will disable Facebook Secure Browsing feature temporarily.
Facebook, Switch to regular connection (http)? Clicking Continue will entirely disable Facebook Secure Browsing (https) without any warning. You must turn Secure Browsing back on under Account Settings after this!

Enabling Facebook Login Notifications

The second feature, Login Notifications allows you to define computers and devices (such as mobile phones or web-enabled gadgets) that you use for accessing your Facebook account. You will be notified via e-mail and/or mobile message each time you specify a new device for Facebook access or your account has been accessed using a device not specified in the Account Security list.

Please note that the feature is more or less unnecessary if you start using Facebook Login Approvals!

This will keep your account safer and you will know when someone else is using your account and you can quickly take countermeasures (such as closing the other session or changing your Facebook password and security question).

But there is a catch - your browser must keep cookies after closing and you should not use inPrivate or Incognito modes. Facebook adds several cookies to uniquely identify your computer or device. If your browser deletes all cookies after you close it, you will receive loads of useless e-mails and you must approve and describe the same device way too many times.

To turn the notifications feature on, click Edit on the right and then select the notification method(s) you need.
Click Save Changes.
To turn on Facebook Login Notifications feature, click Edit. Select method(s) of notifying and then click Save Changes.

The next time you log in to your Facebook account, you will see the Register this computer dialog.
Type in a descriptive name for the computer you are using in Computer name field, such as "My home PC" or "My work laptop" or "Some public PC at mall". This step is mandatory for each new device and it will be asked only once.
If you are using your own computer or mobile device, check the Don't ask me again from this computer box. In case you are using your friend's computer or a public computer make sure you leave this box unchecked.
Finally, click Save.
Facebook Account Security, Register this computer. The first time you log in from a new computer or device you must register it for Facebook use. Type in a descriptive name in Computer name field. If you are using your own computer or device, check the Don't ask me again from this computer box. If you are using a public computer, always leave the box unchecked! Click Save.

You will shortly receive an e-mail about logging in to Facebook using a new device after this.

Enabling Facebook Login Approvals

In April, 2011, Facebook took a huge step towards better security by enabling Login Approvals - a two-factor authentication scheme. This feature requires entering an additional security code for any new device or computer trying to access your Facebook account. You will receive the code on your mobile phone via a text message (aka SMS).

But there is a catch - your browser must keep cookies after closing and you should not use inPrivate or Incognito modes. Facebook adds several cookies to uniquely identify your computer or device. If your browser deletes all cookies after you close it, you will receive loads of useless e-mails and you must approve and describe the same device way too many times.
It is also recommended to use the same browser (e.g. Internet Explorer) for visiting Facebook after turning on Login Approvals.

To turn on Login Approvals, click Edit on the right and then enable the Require me to enter a security code sent to my phone option.
To turn on Facebook two-factor authentication (Login Approvals), enable the Require me to enter a security code sent to my phone option.

If your browser deletes cookies automatically, or uses some form of private browsing, Facebook will notify you that turning on Login Approvals is senseless in such mode. Click Close in the Please check your browser settings dialog.
See our Securing Apple Safari, Securing Google Chrome, Securing Mozilla Firefox or Securing Opera to see how to keep cookies after closing the browser.
Facebook, Login Approvals error message "Please check your browser settings. Your current settings might make it hard to use login approvals". Click Close and reconfigure browser to keep cookies after closing.

Set up login approvals message will appear. Read the description and click Set up now.
Facebook, Set up login approvals. Click Set Up Now after reading the feature description.

In case you have not added your phone number to your Facebook profile, you will be asked to do so. In Add a phone message, make sure that Country Code is correct and type in your Phone number. Click Next.
Facebook Login Approvals, Add a phone. Type in your mobile phone number and click Next.

A text message from Facebook will arrive on your phone with confirmation code for Login Approvals in a few seconds.
In Please enter your code message, type the code you received and click Submit Code:
Facebook Login Approvals, Please enter your code. Type the code in the SMS you received and click Submit Code.

Next, Facebook asks to name the computer you are using. Use a descriptive name, such as "My work laptop" or "My home PC". The computer will then be added to the list of recognized devices and no additional codes are necessary while logging in to your Facebook account on this computer. Remember, security codes are used only for new, unrecognized, devices.
Type in your Computer name and click Next in Name this computer message:
Facebook Login Approvals, Name this computer. Type a descriptive name for the device and click Next.

Finally, the process is complete. Click Close.
Facebook Login Approvals, Setup finished. Click Close.

In case you change your phone number in the future, you must add the new number to your Facebook account information. To do this, you must use a computer or device that has been approved previously, otherwise you will be unable to log in to your Facebook account.
If your account gets badly hacked so that passwords, phone numbers and approved devices change, open https://www.facebook.com/recover.php or http://www.facebook.com/hacked to regain access to your account.

The next time you use an unrecognized device or computer to log in to your Facebook account, you will see Enter Security Code message after typing in your user name and password.
A unique security code will be sent to your phone in a few seconds. The message will include text "Please use the code <code> to approve the login from an unverified machine".
Type the code into Enter Code field and click Submit Code.
Facebook Login Approvals, Enter Security Code. Type the code from the text message you received on your phone and click Submit Code.

A Name New Computer message will appear. Type a descriptive name for the computer in Computer name field.
If the computer or device is not the one you are going to use in the future (e.g. your friend's PC or an Internet device at public wifi cafe), clear the Add to your list of recognized devices box. In case this is your device, leave the option checked.
Click Continue to access your Facebook page.
Facebook Login Approvals, Name New Computer. Type a descriptive name in Computer name box. If the device is a public one, clear the Add to your list of recognized devices box. Click Continue to open your Facebook page.

You can also enable Facebook Code Generator on the Facebook app of your iOS (iPhone, iPad) or Android device. This helps in generating required Login Approval codes or changing your Facebook password.

Removing a computer or a device associated with your Facebook account

If you want to delete a computer or a device from the Recognized Devices list, (maybe you sold or lost your old PC or phone) open Account menu, click Account Settings, click Security tab on the left and then click Edit for Recognized Devices.
You will then see a list of computers and devices currently associated with your Facebook account. Find the item you want to erase and click the Remove link.
If you accidentally remove a wrong device, the "Remove" will turn into "Undo". Click it to revert changes.
Facebook Account Security. To remove a device from the list of Recognized Devices, click the Remove link after its name.

Enabling Facebook Application Passwords

If a program or device that connects to your Facebook profile is unable to receive Login Approvals' security codes, you cannot use it until you turn off Login Approvals completely. To work around the issue with apps such as Skype or Xbox, Facebook added the App Passwords feature - you must enter the unique app passwords instead of Login Approvals' security code. You must enter the password only once and no additional password generation for it is necessary.

This feature does not work with apps that work inside Facebook and there is no point in setting up any passwords for these. App passwords affects only the programs that connect to your Facebook account.

Click Edit in the App Passwords row. Then click the Generate app passwords link.
Facebook Account Security. To set up App Passwords, click Edit. Then click Generate app passwords.

The feature overview window opens. Click the Generate App Passwords button.
Facebook Account Security, Generate app passwords. Click Generate App Passwords.

Type in the application name and click Generate Password.
Facebook Account Security, Generate app passwords. Type the application name and click Generate Passwords.

Now, type the password into your app. If you want to store the password securely, use the free Password Safe.
To set up a password for another app, click Next Password. After you're done setting up the passwords, click Finish.
Facebook Account Security, Generate app passwords. Type the generated password into the app. To set up another app password, click Next Password. To end the process, click Finish.

Removing password protection for an app in Facebook

If you forgot the password or you do not need the feature anymore, click Edit in the App Passwords row again. Then click the Remove link for the application you want to delete from App Passwords.
Facebook Account Security. To remove password-protection for an app, click Remove.

To apply the changes, click Save Changes. In case you accidentally removed the feature for a wrong app, click Undo instead.
Facebook Account Security. To apply an App Passwords removal, click Save Changes.

Why not to enable Trusted Contacts

A new feature allows selecting 3-5 trusted people who can help you if you lose access to your Facebook account. While this seems to be a good idea at first, it has one fatal flaw: your trusted people must verify that it is really you who needs help. Trust me, they will not do so. Most people just give out access codes without checking whether it is really you or some cyber-crook.
Leave the feature disabled and use the https://www.facebook.com/hacked page to regain access to your account instead.

Closing suspicious Facebook sessions

If you see several items in the list of Active Sessions and you are sure you are not visiting Facebook from several devices simultaneously, click Edit and then click End Activity for the session(s) you find suspicious. Just do not close your own current session! Laughing
Facebook Account Security, Active Sessions. To close strange sessions, click Edit and then click Close for each session you find suspicious.

If you see suspicious sessions often, click General tab on the left (on Account Settings page) and change your Facebook password and security question.

Facebook Followers (previously Subscribers)

Facebook offers the ability to subscribe to users' public posts without friending - this helps photographers, musicians and other creative people to spread their works using social media, while keeping their personal stuff private. Please note that you can also create Pages on Facebook for your business or creative works.
If you are one of those people who want to manage just one personal account instead of pages, you can tick the Turn On Follow check box. This will create the Follow button on your Facebook Timeline.
Follower Search is useful if you want people to find you quickly (this also makes your public profile searchable).
Set Follower Comments and Follower Notifications to Friends of Friends. The first one restricts the ability to post comments (if you really like both positive and negative feedback, set this one to Everyone instead); the second one notifies you if someone starts following you or shares, likes or comments on your public posts. You can also change the latter to Nobody in case you get a lot of love (and tons of notifications) from Facebook users.
Facebook Account Security, Followers. To prevent all Facebook users from subscribing to, receiving and sharing your public posts, clear the "Turn On Follow" check box.

Be sure to check out how your Public Timeline looks: what is visible and shareable by any Facebook user. To do this, click the Want to know what followers can see? link.

Facebook Applications

The Apps tab is covered in the Facebook Privacy Settings article.

Limiting Facebook Ads' ability to share your information and actions

Facebook Ads can display information about you to other Facebook users. This is not what a careful, privacy-aware person wants, so in Account Settings page, click Ads on the left.
First, click Edit on the Third Party Sites line.
Facebook Account Security, Ads. To prevent third-party ads from revealing information about you, click Edit on Third Party Sites line.

Select No one from the If we allow this in the future, show my information to combo box and then click Save Changes.
Facebook Account Settings, Ads shown by third parties. To prohibit Facebook Ads from sharing your information with other Facebook users, select No one from the If we allow this in the future, show my information to box. Then click Save Changes.

Scroll down the page and click Edit on the Ads & Friends line. Again, select No one from the Pair my social actions with ads for box. Then click Save Changes.
Facebook Account Settings, Facebook Ads, Ads and friends. To prohibit Facebook Ads from sharing your social actions with other Facebook users, select No one from the Pair my social actions with ads for box. Then click Save Changes.

The Account Settings at Facebook are now safer. Cool But don't forget to set good Privacy Settings and limit other's access to your personal information!

 

Sub Navigation

Sub Navigation
Next: Facebook Privacy Settings
Previous: Facebook privacy and security
comments powered by Disqus