It’s bad news if someone has access to your Facebook account without your knowledge. Learn how to know if Facebook account has been breached.
It’s a commonly accepted fact: Facebook knows far too much information about us. Millions of people will fully tell the company about what they like, what they hate, who they have a crush on, which school they went to, and a whole lot more.
However, at least Facebook has terms that govern how it can and cannot use your data. What if that data gets into the wrong hands, though?
If someone has access to your account without your knowledge, the situation can quickly become sinister. Let’s take a closer look.
The Dangers of Unauthorised Access
There are countless dangers of someone accessing your account without your knowledge. Let’s briefly summarise some of the most troublesome:
- Exploitation of Private Information: If you’re a Facebook addict, there’s a good chance there’s information on your account you’d rather not share with the world. Perhaps it pertains to your sexuality, religion, political beliefs, or another “hot” topic. You could even be a victim of revenge.
- Cyberbullying: Cyberbullying is a real and growing threat. We’ve seen apps like After School come under significant fire from teachers, parents, and governments for their inability to protect users. Given people can sign up to Facebook once they are 13-years-old, there is significant potential for cyberbullying if someone has unauthorised access to private information.
- Viruses: There have been numerous instances of viruses spreading through Facebook. The Messenger service is a particularly common attack vector, with malicious links spreading quickly. A hacker could use your account to send links to unsuspecting friends, giving both you and them a problem.
- Other Accounts: People often link their Facebook accounts to other social networks. An unauthorised user can create havoc across a person’s online identity if left unchecked.
Is Someone Accessing Your Facebook Account?
Okay; so we all agree that if someone has unauthorised access to your Facebook account, it’s bad news. If you don’t react quickly, it probably won’t end well.
But how do you know if someone else is accessing your account?
Luckily, Facebook has made it easy to uncover the truth. In fact, the feature has been present for a long time, but Facebook doesn’t do a good job of letting you know about it.
To begin, log in to your account and click on the small arrow in the upper-right corner of the title bar. You will see a menu like the one below. You need to select Settings and Privacy > Settings.
Once the Settings page has loaded, locate Security and login on the panel on the left-hand side of the screen.
The website will take you to the recently-redesigned security page. On this page, you will find lots of features to prevent someone gaining access to your account again in the future. For now, we’re only interested in the Where you’re logged in section.
You will see a list of all the devices and locations which are currently authorised to access your account. Make sure you click on See more to view the full list.
It’s worth noting that the list combines Facebook logins with Messenger logins. So if you think only one of the two services has been compromised, it is easy to check.
Removing a Device
If you see something that looks suspicious, you can use this list to revoke its access. Keep in mind that some IP address glitches might occasionally see one of your legitimate devices pop up in an unrecognised location. Such cases are safe to ignore.
To revoke access, click on the three vertical dots next to the device you want to remove. A new menu will pop up. You can either select Not you? or Log Out.
If you click on Not You?, Facebook will block the device in question and take you through some steps to secure your account (more on those shortly). If you click Log Out, the access will be revoked, but the unauthorised person could potentially log in again if they know your password.
If you just want to start afresh, scroll down to the bottom of your list of devices and click on Log out of all sessions.
Prevent the Problem
Once you’ve revoked the unauthorised person’s access, you need to take steps to make sure it doesn’t happen again.
Of course, the first step is to change your password. You can do so by heading to Settings and Privacy > Settings > Security and login > Login > Change password. You will need to enter your old password to complete the process.
But changing your password is only half of the story. You should also consider setting up two-factor authentication. Two-factor authentication can use either a text message, a Universal 2nd Factor (U2F) security key, the official Facebook code generator (in the smartphone app), or a third-party code generator. To set up a third-party code generator, you’ll need to scan a QR code.
To turn on two-factor authentication, go to Settings > Security and login Settings and Privacy > Settings > Security and login > Use two-factor authentication.
You should also set up alerts for unrecognised logins. By enabling the feature, Facebook will notify you if it sees a login from a suspicious source. It will allow you to react more quickly in the event of a breach.
To set up the feature, go to Settings and Privacy > Settings > Security and login > Setting up extra security > Get alerts about unrecognised logins. Expand the box, and mark the checkboxes next to either Get notifications or Receive Email Alerts at [address] (or both), depending on your preferences. Hit Save changes when you’re ready.
Has Your Facebook Account Been Breached?
Let’s quickly summarise what we have learned:
- You can check if someone else is accessing your account by going to Settings and Privacy > Settings > Security and login > Where you’re logged in
- You should enable additional security checks in Settings and Privacy > Settings > Security and login > Setting up extra security
And for an extra layer of protection add 2FA and login alerts.
Be Wary Around the Web
Facebook is far from being the only service that has the potential to leave your life in ruins if someone gets unauthorised access to it.
To make sure you stay safe around the web, make sure you follow basic security principles. For example, don’t use the same password on two different sites, use 2FA where available, and don’t access highly sensitive data on either public computers or public Wi-Fi networks.