How to Secure Your Social Media Accounts
Whether you've just recovered from a hack or simply want to protect yourself proactively, this guide covers the essential security steps that apply to every major social media platform.
Defence in depth. No single step makes you completely secure. Apply as many of these measures as possible; each layer significantly reduces your risk.
Step 1: Use a Strong, Unique Password
- Use at least 16 characters with mixed case, numbers, and symbols
- Never reuse passwords across accounts
- Use a password manager like Proton Pass, Bitwarden, or 1Password
- Avoid personal information in passwords
Where to change your password: Look for Security or Login & Security in your account settings.
Step 2: Enable Two-Factor Authentication (2FA)
Two-factor authentication adds a second verification step beyond your password.
Recommended 2FA Methods (Best to Worst)
- Hardware security key (YubiKey, Titan Key): Most secure
- Authenticator app (Ente Auth, Proton Pass): Very secure, widely supported
- SMS text codes: Better than nothing, but vulnerable to SIM-swapping
Where to find 2FA on major platforms:
- Facebook: Settings → Accounts Centre → Password and security → 2FA
- Instagram: Settings → Accounts Centre → Password and security → 2FA
- X / Twitter: Settings → Security and account access → Security → 2FA
- LinkedIn: Settings → Sign in & security → Two-step verification
- TikTok: Settings → Security → 2-step verification
- Snapchat: Settings → Two-Factor Authentication
⚠️ Save your backup codes! Store them in your password manager; they're your lifeline if you lose your phone.
Step 3: Review Login Activity & Active Sessions
- Navigate to your Security or Login Activity settings
- Review each active session: check device, location, and time
- Log out of any session you don't recognise
- Use "Log out of all other sessions" if available
Make this a monthly habit. Set a reminder to check login activity on all your accounts.
Step 4: Audit Connected Apps & Permissions
- Go to your account's Apps or Connected Apps settings
- Review each app: do you still use it?
- Remove any apps you don't actively use or recognise
- Be cautious of apps requesting write access or messaging permissions
Step 5: Lock Down Privacy Settings
- Profile visibility: Set to private if you don't need public visibility
- Search visibility: Disable search engine linking where available
- Contact info: Hide email and phone from public view
- Location data: Disable location tagging on posts
- Message requests: Restrict who can DM you
- Tagging: Enable manual approval for tags and mentions
Step 6: Secure Your Recovery Options
- Use a secure email provider like Proton Mail as your account email
- Make sure your recovery phone number is current
- Consider a separate secure email exclusively for social media
- Enable login alerts for new access attempts
Your social media security is only as strong as your email security. If an attacker compromises your email, they can reset passwords on all linked accounts.
What's Next?
- Read How to Tell If Your Social Media Has Been Compromised to stay alert
- Set up Proton Mail to protect the email linked to your accounts
- Follow our How to Secure a Proton Account guide for maximum email security
- Use the Cyber Security Health Check tool to assess your overall security