Social Media > Facebook Hacked Facebook Account: Immediate Recovery Steps Regain control of your Facebook account By Andy O'Donnell Andy O'Donnell Writer Auburn University Andy O'Donnell, MA, is a former freelance contributor to Lifewire and a senior security engineer who is active in internet and network security. lifewire's editorial guidelines Updated on January 20, 2021 Reviewed by Michael Barton Heine Jr Reviewed by Michael Barton Heine Jr Michael Heine is a CompTIA-certified writer, editor, and Network Engineer with 25+ years' experience working in the television, defense, ISP, telecommunications, and education industries. lifewire's editorial guidelines Tweet Share Email Tweet Share Email In This Article Expand Jump to a Section How Was My Account Hacked? Step-by-Step: Report the Hack Alert Your Friends Step-by-Step: Delete Unknown Apps Extra: Enable Two-Factor Authentication Extra: Run Security Checkup Extra: Change Your Facebook Password Regularly Facebook and its more than 2 billion active users are an attractive target for hackers. Some of the more successful hacks appear in the news, but many hacks are smaller and affect only some Facebook users. Indicators that someone may have hacked your Facebook account are: Your email or password has changed. Your name or birthday has changed. Fake friend requests have been sent from your account to people you don't know. Friend requests have been sent to people who are already your friends. Posts that you didn't create appear to be from you. Friends receive messages from you that you didn't write. If any of these telltale signs happen to you or you notice any other unusual activity, take fast action to protect your account. When you think your Facebook account may have been hacked, change your password before you do anything else. If you no longer have access to your Facebook account, immediately follow the steps described below. These directions work for any Facebook account. The steps described below require access to the desktop version of Facebook.com. How Was My Account Hacked? Hackers may have gained access to your Facebook account in any number of ways. They could have guessed your password, or they may have set up an Evil Twin Wi-Fi hotspot at a coffee shop and stolen your credentials through a man-in-the-middle attack. Maybe you left your account logged in at a computer lab at your school or library, or hackers could be using your account from a stolen tablet or phone. Regardless of how they managed to obtain your Facebook credentials, the best thing to do is move quickly to limit the amount of damage and try to prevent any further hacks. Report a Compromise to Facebook If you can't recover your Facebook password and access your account, you can still report a possible hack to the company and receive help to reset your password: Open Facebook's Report Compromised Account page. Click My Account Is Compromised. Enter the phone number or email address associated with your account, and then click Search. Type your current password or an old one, and then click Continue. Jon Fisher Select one of the options from the list that indicate why you think your account has been hacked, and then click Continue. Jon Fisher Facebook explains that you need to change your password and confirm that recent changes to your account came from you to keep your account secure. Click Get Started. Jon Fisher Follow the instructions provided to secure your account and change your password. Alert Your Friends Tell your Facebook friends that your account was hacked. Warn them not to click any links that may have come from your account during the time it was hacked and out of your control. Hackers who compromised your account may have posted on your friends' pages or sent links in comments or private messages. Delete Unknown Apps From Your Account Eliminate any Facebook apps installed on your account that you don't recognize. While you're at it, delete apps you no longer use. At some point, you may have granted the apps access to some of your personal information. Open the Facebook menu by clicking the arrow in the top right corner. Click Settings. Jon Fisher Click Apps and Websites from the left pane. Check the box next to the Facebook apps you want to remove, and then click Remove. Click Remove again on the confirmation prompt. You also have the opportunity to delete every post, photo, and video that the apps posted on your behalf. Jon Fisher If you click View and edit on an app, it shows the level of access it has to your account and the information Facebook shares with it. Also on the Apps and Website page are additional tabs at the top where you can find expired apps (apps that had access at one time, but their permissions have since lapsed) and past apps (which have been removed from your account). Removed or expired apps still have the information shared with them while the apps were active, but they can no longer access that information from your Facebook account after they expire or are removed. Clicking the tile for a removed or expired app tells you the best method to request that the app delete your information. Prevention: Enable Two-Factor Authentication Don't wait for the next hack to take steps to improve your Facebook security and privacy. To prevent your account from being compromised again, Facebook strongly recommends using two-factor authentication. Activating this feature requires an additional form of authentication beyond your password when anyone attempts to log in to your account. The second form of authentication can be a number code texted to your phone or a code generated by a separate authentication app on your phone, or a smart key inserted into your computer's USB drive. When you have two-factor authorization in place, someone could have full access to your password, but unless they also have your second means of authentication (like your phone or a physical token), they can't get into your Facebook account. To enable two-factor authentication on your Facebook account: Click the down arrow in the upper right corner of Facebook to access the menu. Click Settings. Click Security and Login in the left pane. Click Edit next to Use two-factor authentication. Jon Fisher You may be prompted to ensure your password. Enter it and then click Get Started. Jon Fisher Select either Text Message or Authentication App, and then click Next. Jon Fisher If you choose Text Message, enter the code in the fields provided. If you choose Authentication App, launch it on your phone and follow the instructions. Jon Fisher Click Finish when you see the Two-Factor Authentication Is On message. Jon Fisher Be wary of relying solely on text-message solutions for two-factor authentication. In addition to SIM spoofing (in which someone gets the phone company to reassign your number to a different device), if you lose access to your phone or you change phone numbers, you'll need help regaining access. Prevention: Run Security Checkup Facebook's Security Checkup feature adds additional security to your account. Use it to: Log out of Facebook and Messenger from unused browsers and apps. Receive an alert when someone logs in to your account from an unrecognized mobile device or computer. Prevention: Change Your Facebook Password Regularly Resetting your password regularly is a good habit to adopt. You can do it at any time. Launch Facebook's menu from the down arrow in the upper right corner of the page. Click Settings. Click Security and Login in the left pane. Click Edit next to Change password in the Login section of the center pane. Jon Fisher Enter your current password next to Current, type a new password in the New field, and then type the new password once more to confirm in the Re-type new text box. Click Save Changes. Jon Fisher Was this page helpful? Thanks for letting us know! Get the Latest Tech News Delivered Every Day Subscribe Tell us why! Other Not enough details Hard to understand Submit