The Definitive Guide to Facebook Security

Facebook Security

Social media is permeating every facet of our lives. It is extremely important to understand security and privacy settings with so much personal information becoming so accessible. Here is the definitive guide to security on Facebook:

Step One

Logging In

Social Authentication: Facebook uses social authentication to verify your account. This system asks you to identify your friends based on pictures. This information makes it incredibly hard for a hacker to gain access to your account. It also helps you access your account more easily without having to remember yet another password.

ID Verification: Every new user must create a security question and answer for their account. For added security, users can add their mobile number to enable them to verify their identity through a text message.

One-Time Passwords: You can opt to receive a one-time password by sending a text to 22605.

Tip: Did you know that Facebook employs 300 full-time staff solely focused on security and safety?

Login Approvals: If a user logs onto your account using a new or unrecognized device, a required code will be sent to your mobile device. The user will then be prompted to verify the login on their next attempt.

Tip: Did you know that all logins on Facebook are done through a secure connection? You can enable HTTPS for your entire Facebook experience from the Account Settings page.

Session Classifier: This system uses location, device, and other account details to verify every login (e.g. a Wyoming user suddenly accessing their account from Jamaica).

Fun Fact: Facebook has dedicated millions of dollars to build a supreme security infrastructure.

Step Two


User Action Classifier: The user action classifier identifies when users are acting maliciously or in a spammy way.

Link Scanner: All links are compared against Facebook's and other internet security companies' databases of known spammy and malicious links. Facebook scans over 1 trillion links per day.

PhotoDNA: Facebook maintains a blacklist database of exploitative images from federal, state and international law enforcement agencies. Each one of the 300 million photos uploaded to the site each day is checked against this list.

Clickjacking Domain Reputation System: You see a link to an “outrageous video” off-site, but once you click it, it automatically publishes the fake link to your wall. This behavior is a result of a browser bug, but Facebook is doing more to prevent this from occurring by taking steps to verify suspected bad links before they’re posted.

Application Classifier: The application classifier analyzes the behavior of applications and tries to decide whether they are acting maliciously.

Step Three

Log Out

Suspected Hacking: Users can manually shut down Facebook sessions and reset their passwords if an unauthorized login is detected.

Remote Logout: Users who have forgotten to log out can check their login status and log themselves out remotely.

Guardian Angels: If you lose access to your account or have problems logging in, a code can be sent to your friends to help you get back into your account. You can pre-select these friends from the account settings page.

Login Notifications: Users get to approve the devices from which they log in. As an added measure of security, a notification can be sent if they have logged in from an unapproved device.

Roadblock: If your account is compromised by malicious software, Facebook will temporarily lock your profile and scan it with security software until your account is certified to be clean.

Some important things to know:

  • 89% of email is spam and less than 4% of content shared on Facebook is spam.
  • Only 0.06% of over 1 billion logins per day are compromised.
  • Less than 0.5% of Facebook users experience spam on any given day.
  • People spend over 700 billion minutes per month on Facebook.
  • The average user has 130 friends.