I was asked about Facebook’s security settings by a friend the other day, and after giving out some advice it got me thinking. I looked at Facebook’s available security settings and wondered what would be good to enable and also what other people might have theirs set to.
Enabling Facebook security settings
Here’s a list of some security settings you can take advantage of in Facebook to make it a little safer to “stalk” your family and friends (or friends of friends of friends of…)
First off you’ll want to go to your Facebook settings by clicking on the settings icon. This will look like a gear next to your name. Once you’re in your Facebook settings screen you’ll see various categories to choose from. The one we’re looking for is “Security”.
If you want to find out what devices you’re logged into Facebook from, click the edit link under “Active Sessions”. This section shows any active sessions you have: every login to Facebook from a computer or mobile app that is still active. Currently, as stated on the page, the list doesn’t include sessions on Facebook’s mobile site (m.facebook.com), which would be any sessions where you used the browser on your mobile phone. If you DON’T have the Facebook app installed and you’re on Facebook using your smartphone, you’re likely using your phone’s browser (Safari, Chrome, Dolphin, Firefox, Opera, etc.). NOTE: Facebook automatically redirects you to m.facebook.com if it detects you’re using a mobile device. Depending on the browser you use on your phone, there should be an option to request the desktop version.
If any of these sessions look suspicious or you want to clean up some stale sessions you can end them by clicking on the “End Activity” link.
Login notifications are useful if you want to know whenever there is a login from an unrecognized device. This can be from an app or via the website. Once a successful login has been made, Facebook asks you to name the device you’re using. Once this is completed, an email is sent notifying you of the login. You can set this up as an email as well as a text message or push notification. To enable, click on the Edit link for Login Notifications, place a check next to your desired option(s) and click the Save Changes button.
Enabling login approvals is great if you want to add a second layer of security. Similar to the idea behind Google’s 2-step verification, you must enter a PIN that is sent to your phone as a text any time you want to log into your Facebook account from an unrecognized device. End result: you’ll need access to your phone when you want to log into Facebook from an unrecognized computer.
To start using login approvals, go to the Login Approvals section and place a check next to “Require a security code to access my account from unknown browsers”.
This will display a modal window with an explanation of the Login Approvals setting. Clicking the Set Up Now button will allow you to enter your mobile phone number. Then click the Continue button.
Once this is all set up, the next time you try to log in to Facebook from an unrecognized device, either via a browser or the Facebook app, you’ll be asked for the PIN that is sent to you via text. To test this out you can open a new incognito mode window (Chrome: Menu -> New Incognito window or CTRL+SHIFT+N) and try logging into Facebook.