The first thing that everyone should do on Facebook is to make their account more secure. In an age where one errant social media post can have disastrous consequences, it’s best to take steps to make your account harder to hack. The easiest way to do this is by enabling two-factor authentication on Facebook. This means that each time you log in, you’ll have to use your password and code that you receive through SMS or an authenticator app such as Google Authenticator.
We recommend not sharing your phone number with Facebook, because the company has allowed advertisers to access it in the past, even if you shared the number only for security reasons. In addition, SMS-based two-factor authentication is a lot less secure than using authenticator apps. Facebook allows you to use a physical security key, such as YubiKey, to authorize your logins instead; this is the most secure method of logging in as it always requires you to plug in the security key.
You can go to Facebook’s two-factor authentication setup page and pick your preferred method for setting up additional security.
Next, you should set up alerts for unrecognized logins to your account by going to Facebook’s security settings page and clicking Get alerts about unrecognized logins. On the security settings page, you can also click Authorized logins and review the devices where you can log in without two-factor authentication. Ideally, you shouldn’t allow any device to log in without entering those one-time passwords.
Finally, if you do get locked out of your account, you can allow three to five of your friends to receive a link from Facebook to help you recover your account. You can enable this by clicking Choose 3 to 5 friends to contact if you are locked out on the security settings page on Facebook. Be sure to pick people who you trust and who also take steps to keep their accounts secure.