Got Hacked? Learn how to make your Facebook account more secure

Without a doubt, Facebook is an important part of many people's daily lives. With security issues such as phishing, sold email addresses, hacked accounts and leaked password lists, the need to keep your Facebook account safe is higher than ever before.

You can be proactive and secure your online social life. Avoid being a victim of a hack by securing your account properly. The following steps explain how to protect your Facebook access better.

Quickly, why is securing your Facebook so important?

Everyone has seen the blue "Sign-in with Facebook" and "Register using Facebook" buttons around the Internet. Many have used them too. These convenient login/register options gained popularity quickly. By using these buttons, your Facebook account functions as the "login" for another website. Your Facebook account becomes more central for authentication and therefore critical for your online security. Anyone holding access to your Facebook account can also easily get access to many other websites via these so-called "Social Login" options. This makes keeping your Facebook login secure even more important.

Example: Social Logins on Canva website


What are the basics to keep my Facebook password safe?

The password to your Facebook account is as important as your bank card's PIN. Your safety online depends mostly on how you keep your password safe. Many people link their Facebook accounts to other websites, including shopping sites. If you don't keep your password to yourself, you run the risk that someone accesses your account and steals your identity. Here are some tricks which will help you secure your Facebook password.

  • Create a strong password that is at least 15 characters long and mixes lowercase, uppercase and special characters. Avoid any repetitive patterns or words you can find using a dictionary or Google.

  • Do NOT share your password with anyone, ever! Avoid sharing your email address whenever possible.

  • Regularly change your password. Do not just add an incremental number at the end — people trying to steal your Facebook account will try this out and catch you off guard.

  • Do not use passwords which are easy to guess, such as a company name, date of birth, your name, telephone numbers, license plate numbers or any combination of these. Brute-force dictionary attacks will crack these passwords in a short time.

  • Never enter your Facebook login information (username/email address and password) on any site that isn't Facebook. Check the address bar to be sure: for the Facebook website, it should always contain either .facebook.com/ or /facebook.com/. Please note the leading . (dot) or / (slash) as well as the trailing slash (/). These are important criteria.

    If you enter your password on other sites, you are at risk of someone accessing vital data and acting on your behalf, potentially scamming your friends and family using your online identity.

  • Keep your system tidy and up-to-date: Use anti-virus software. Regularly install updates for any software you are using. Ensure your system stays free from viruses and other malicious software by running regular scans.
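The address-bar check from the list above can be done mechanically by parsing the address and comparing its host name, rather than looking for the text "facebook.com" anywhere in it. This is an added example, not part of the original article; the sample addresses are constructed, `example.net` stands in for any other site, and the HTTPS requirement is an assumption added here.

```python
from urllib.parse import urlsplit

TRUSTED_DOMAIN = "facebook.com"


def is_facebook_url(url):
    """True only when the URL's host is facebook.com or one of its subdomains."""
    # Browsers read "\" like "/" while urlsplit does not, so refuse it outright.
    if "\\" in url:
        return False
    try:
        parts = urlsplit(url.strip())
        host = parts.hostname  # lower-cased, without any "user@" prefix or ":port"
    except ValueError:
        return False
    # Assumption added here: a login page must be served over HTTPS.
    if parts.scheme != "https" or not host:
        return False
    host = host.rstrip(".")
    # The leading dot matters: "notfacebook.com" must not match.
    return host == TRUSTED_DOMAIN or host.endswith("." + TRUSTED_DOMAIN)


# Constructed sample addresses; only the first three belong to facebook.com.
SAMPLES = [
    "https://www.facebook.com/login",
    "https://facebook.com/",
    "https://m.facebook.com/settings",
    "https://facebook.com.example.net/login",   # real host is example.net
    "https://example.net/facebook.com/",        # "/facebook.com/" is only a path
    "https://www.facebook.com@example.net/",    # text before "@" is not the host
    "https://notfacebook.com/",                 # no dot or slash before the name
    "http://www.facebook.com/login",            # not HTTPS
]


def classify(urls=SAMPLES):
    """Map each address to the verdict of is_facebook_url()."""
    return {url: is_facebook_url(url) for url in urls}


if __name__ == "__main__":
    for url, ok in classify().items():
        print("OK   " if ok else "STOP ", url)
```

The rejected samples show why the position of the name matters: several of them contain ".facebook.com" or "/facebook.com/" as text, yet their host is a different site.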

Another great tip is to use a password manager. These can help you keep your passwords manageable and avoid forgetting them. Most password managers are available as locally installed software or as an online service. Some might even use a hardware system to protect your access and identity. LastPass is an established and reliable provider in the space of password managers.

Both free and commercial versions are readily available. Any of these password managers will help you secure your Facebook account by encrypting your passwords and then storing them in a secure database, either locally or remotely on a server.

How to make your Facebook account more secure?

Even after a number of mistakes and problems within the tech side of the company, Facebook has done their job: hundreds of engineers have built a safe and stable platform. From here on it's on you to keep your Facebook account secure.

Besides the above-mentioned password safety measures, you can use other security options to decrease your risk. For example, you can increase your security by adding your phone number to the Facebook account or by using a two-factor authentication app. A mobile app then becomes your second authentication channel for your Facebook login. More about the app later on. Alternatively, instead of using an app as your second authentication step, you can receive a login code on your phone. Both options enhance security and are explained in the following step-by-step guide.

Step-by-Step: How to set up Two-Factor Verification on Facebook?

  1. Log in to your Facebook account, click on the dropdown menu in the top-right corner of the page, then select "Settings":

    Select "Settings"

  2. In the left pane, click on "Security and login". Scroll down and select "Use two-factor authentication". Then click on "Get Started".

    Select "Use two-factor authentication" in the menu

  3. As mentioned in the intro, this is the point where you have to decide which of the two authentication methods you want to use with Facebook in future: either your phone number or an authentication app.

    • Phone number: If you decide to use your phone, the mobile number you registered with Facebook will be used to receive authentication codes. If you haven't registered a phone number with Facebook, you get the chance in the next step. This option is fairly straightforward and causes few worries, but it is linked to fairly insecure technology and naturally requires a mobile number. It also enables you to reset your Facebook password via your phone number later on.

    • App: If you want to use the app path, ensure you have an authentication app installed on your personal mobile phone. There are a number of apps you can use with Facebook. A simple search in the iTunes or Google Play store for "2FA authenticator" will return what you are looking for. Many people are using Google's "Authenticator" app, either for Android or Apple iPhone. The following steps are based on using Google's "Authenticator" app as the second authenticator.

    Once you are ready, click "Next".

    Choose a 2FA method for your Facebook account

  4. As mentioned, the following screens will vary depending on the choice in the step above. If you chose the "Authentication app", you should see the following screen.

    Scan QRCode to connect app to Facebook

  5. Launch the Google Authenticator app on your mobile. If you haven't installed it already, it is available for Android and iPhone. In the app, tap on the red round button near the bottom left corner.

    Set up Google Authenticator for Facebook

  6. A new window opens with two options: scan the barcode or enter the key manually. Choose whichever suits you.

    Setup Google Authenticator - Enter a provided key

  7. If you chose "Enter a provided key", you have to manually fill in your Facebook account name and enter the secret key provided in step 4, then click on the "ADD" button.

    Setup Google Authenticator - Manual account entry

  8. If the previous step was successful, the Google Authenticator app will generate a new code.

    Setup Google Authenticator - New Code is added

  9. Enter the code generated by the Google Authenticator app into the Security code field. In the previous screenshot this was the second entry in the list ("701 840"), marked as Facebook below the code. If the code is correct, a check mark will appear next to the input field. Click on "Confirm" to continue.

    Facebook: Set up a third-party app to generate auth-codes

    Provide your Facebook account password as prompted and then click on "Submit" to complete the process.

    Facebook: Set up a third-party app to generate codes (confirm password)

Done, your Facebook account is now using two-factor authentication with the Google Authenticator app as the second channel/factor.
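What the authenticator app does with the secret key from the setup steps, shown as an added example that is not part of the original article and not Facebook's code. It assumes the standard time-based one-time password algorithm (RFC 6238) with the defaults Google Authenticator uses (HMAC-SHA1, 30-second steps, six digits); the key is the published RFC test key, and `verify` is a hypothetical sketch of the matching check on the service side.

```python
import base64
import hashlib
import hmac
import struct
import time

STEP_SECONDS = 30   # a new code every 30 seconds
DIGITS = 6          # codes such as "701 840" are six digits shown in two groups

# RFC 6238 test key ("12345678901234567890") in Base32, not a real account key.
DEMO_SECRET = "GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ"


def totp(secret_b32, at=None):
    """Return the code an authenticator app shows for this key at time `at`."""
    # Keys are displayed in spaced groups and may be typed in lower case.
    text = secret_b32.replace(" ", "").upper()
    key = base64.b32decode(text + "=" * (-len(text) % 8))
    now = time.time() if at is None else at
    counter = int(now // STEP_SECONDS)
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    # Dynamic truncation: the low 4 bits of the last byte pick a 4-byte window.
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** DIGITS).zfill(DIGITS)


def verify(secret_b32, code, at=None, window=1):
    """Accept the code for the current step or `window` steps either side."""
    now = time.time() if at is None else at
    typed = code.replace(" ", "").encode()
    return any(
        hmac.compare_digest(totp(secret_b32, now + i * STEP_SECONDS).encode(), typed)
        for i in range(-window, window + 1)
    )


if __name__ == "__main__":
    code = totp(DEMO_SECRET)
    print("current code:", code[:3], code[3:])
    print("accepted now:", verify(DEMO_SECRET, code))
```

Both sides compute the code from the same secret key and the current time, which is why the key shown during setup must be treated like a password and why a code stops working shortly after it is displayed.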


In the end, you need to keep your personal data safe and secure. This is in your interest as well as Facebook's. Doing what is possible on your end is the minimum you should consider to protect yourself.

Even though your passwords are encrypted when you use third-party applications, you should also be careful not to expose any vital information which might lead to your account being compromised.

Following the two-factor verification method discussed above, you can now protect your personal information better and have a more enjoyable and secure Facebook experience.