Data protection on Facebook: we think in advance

Facebook as a social network is an incredibly popular means of communication. But its users have problems with the use and protection of personal data. Facebook has repeatedly violated the terms of use of personal correspondence and other personally identifiable data. That is, you cannot rely on Facebook’s privacy policy.

1. Basic rules against unauthorized use of data

Here are some simple tips to keep your social media account safe from unauthorized use:

  • use a reliable password to log in to the account (experts recommend creating passwords using case, that is, a combination of upper and lower case letters, at least 8 characters),
  • do not give your email address, phone number and Facebook password to third parties;
  • do not leave your mobile number and personal photos in various communities with open access for everyone;
  • restrict user access to your account (for example, “Friends Only”);
  • do not follow suspicious hyperlinks. You can scan them through an antivirus program;
  • turn off device geolocation when using a social network.

But there are also such necessary actions that we forget about, and then we are surprised by the leakage of information. Let’s talk about them separately.

2. Monitoring alerts for suspicious logins and stale sessions

In the settings, there is an option to notify you of a login from a browser or device that you are not using. It makes sense to review this information from time to time. The option is in the additional protection settings in the “Settings” -> “Security and authorization” section. Please note that the login notification feature via Messenger or SMS will soon be unavailable, but an in-app notification will be automatically enabled instead.

Data protection on Facebook, settings for additional protection

Fig. 1 – Security settings

It is also worth exiting all old sessions that are not enabled, leaving only active ones.

Data protection on Facebook, active sessions

Fig. 2 – Active sessions

3. Check permissions for apps

Any application on Facebook, for example, the test “Who are you from the series…”, upon installation, asks the user for a list of permissions, which may include access to private messages. The most common mistake is to give the application access to post on our behalf or use information about our friends on the social network.

How to get rid of wrongly given permissions

  1. Go to settings.
  2. Go to the “Applications and sites” section.
  3. Click on the one of interest and choose from the menu which permissions you want to grant. It is better to delete unnecessary applications immediately, even if there is no extra information there.
Data protection on Facebook, an example of unnecessary applications

Fig. 3 – An example of unnecessary applications

4. Register Facebook for verified mail services

Check in the general settings of your profile to which email account your page is registered. It should be a mail with good protection, which you use regularly and which works in a country with friendly legislation for the Ukrainian consumer.

5. Two-level authorization and its possibilities

Two-factor authentication provides an increased level of account protection by confirming the consumer’s login via a mobile alert. It is configured through the menu item “Security and Authorization” -> “Two-step verification”. There you need to select the item “Use two-step verification” and turn it on.

Data protection on Facebook, two-step verification

Fig. 4 – Two-step verification

Facebook offers three protection methods to choose from: SMS, security key, or authentication app.

Data protection on Facebook, methods of protection

Fig. 5 – Methods of protection

Select the desired option and click “Use”.

When two-factor authentication is enabled, now every time you log in from a new browser, you will have to enter your password and use a second method of protection. Everything is clear with the SMS code, so let’s consider using the application and the security key.

You will need to download an application for a smartphone (Android or iOS), which generates codes directly on the phone, without requiring a connection to a mobile operator. To generate codes, Facebook recommends using applications such as Google Authenticator or Duo Mobile. Next, click “Configure”, open the application on your smartphone and scan the QR code.

Data protection on Facebook, settings through the application

Fig. 6 – Settings through the application

A line with an account and a six-digit code should appear in the application, which will be updated every half a minute. After entering the code, you will get to the social network.

Backup recovery codes will come in handy. You’ll need them if you lose your second-factor enabled phone and don’t have devices listed as trusted by Facebook. To get them, find the option “Recovery codes” -> “Configure” and enter the password. 10 eight-digit codes will appear on the screen. Each of them can be used once as a second factor to log into your account, after which it becomes inactive.

A trusted device is one from which the option to not ask for a second authentication factor on Facebook is selected. It should only be your laptop or phone. You can add or remove a device where two-factor authentication is configured.

There is also a Security Key option. It is not common, but it works.

Data protection on Facebook, login with a security key

Fig. 7 – Entrance for help a security key

For additional protection on Facebook and Instagram, an advanced Facebook Protect security program was created. In Ukraine, it was launched in December 2020. This program verifies the account’s security settings – at a minimum, password and two-factor authentication.

First, it will additionally monitor for suspicious activity, especially from new devices and locations, and add new security features that will come to Facebook. Secondly, administrators of social network pages received Page Publishing Authorization. That is, if the page administrator has connected Facebook Protect, all other users must enable two-factor authentication and confirm their country of residence.

Data protection on Facebook, explained by the Help Center

Fig. 8 – Explanation from the Help Center

Common problems you may encounter with Facebook Protect:

  • blocking the accounts of those who have not connected the program. It is solved by connection;
  • codes not working – the reason may be due to logging in from a new device or incorrect code generation on a device where the wrong time is specified.

When two-factor authentication is enabled, backup codes must be generated and saved in a safe place (untrusted devices, because the codes are needed when they are lost).

Data protection on Facebook, protection check result

Fig. 9 – Protection check result                                                                   

Therefore, the protection of your data in social networks is your own business. Any trace of you on the network will remain there for a long time, even if you have already deleted the file, photo or message. When posting information on your Facebook account, keep in mind the possibility of third parties using it. The less personal data you post, the lower the risk of their loss.

If you have found a spelling error, please, notify us by selecting that text and pressing Ctrl+Enter.


Spelling error report

The following text will be sent to our editors: