Even if your Facebook account is protected, it can still be compromised. Hackers often gain access by phishing your password—and if they do, they could also access other linked accounts like Instagram, email, or even business tools.
Here’s how to recover your hacked Facebook account and prevent it from happening again.
Step 1: Change Your Password (If You Can Still Log In)
If you’re still able to log in to your account, go to your security settings and change your password immediately.
Use a strong password that includes upper and lowercase letters, numbers, and symbols. Avoid reusing passwords you’ve used on other platforms.
Step 2: Request a Password Reset (If You Can’t Log In)
If you can’t access your account, request a password reset from the login page. If the email linked to your account was changed, follow these instructions to recover access.
Step 3: Report the Hacked Account to Facebook
If you notice suspicious messages, posts, or changes to your profile, report the activity to Facebook. They’ll guide you through the recovery process and may lock the account temporarily to prevent further misuse.
Step 4: Review Your Logins and Devices
Visit your security settings and check the devices where you’re currently logged in. If you see any that you don’t recognize, click the three dots and select “Not you?” to log out and flag the activity.
Step 5: Remove Suspicious Apps and Connections
Go to your apps and websites settings. If you see apps or services you don’t recognize, remove them immediately—they might be used to control your account.
Step 6: Check Email Addresses and Set a New Password
Visit your general settings and remove any unfamiliar email addresses. Then change your Facebook password again, this time to a stronger one, especially if you've just recovered your account.
Step 7: Set Up Two-Factor Authentication
Enable two-factor authentication (2FA) so that even if someone has your password, they won’t be able to access your account without your phone or authenticator app.
Step 8: Change Your Email Password, Too
Hackers often target your email to reset other passwords. If anything suspicious happens, change your email password immediately. Better yet, rotate it every 1–3 months as a security habit.
How to Avoid Getting Hacked in the First Place
The most common hacking method? Phishing. You may get a message that looks like it’s from a friend saying, “OMG, did you see who died?” followed by a link. You click it, and it looks like Facebook—but it’s a fake login page. Once you enter your email and password, it’s already too late.
How to Stay Safe:
- Always check the URL. Only log in at https://www.facebook.com.
- Never enter your password on a page you reached through a suspicious or shortened link.
- If you’re using the Facebook app, and it asks you to log in again—be skeptical. You’re likely already authenticated.
- Manually type Facebook.com into your browser instead of clicking login links.
- Review the apps connected to your Facebook account. Remove any you don’t use or trust.
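To show what "always check the URL" means in practice, here is an added example (not part of the original guide) that parses a link the way a browser does and accepts it only if it is HTTPS and its real host is Facebook's. The function name, the two-entry allowlist (taken from the advice above, so other Facebook subdomains are rejected) and all sample links are assumptions constructed for illustration.

```javascript
// Added example, not from the original guide. ALLOWED_HOSTS and every link
// in SAMPLES are constructed for illustration.
const ALLOWED_HOSTS = new Set(["facebook.com", "www.facebook.com"]);

function checkLoginUrl(link) {
  let url;
  try {
    url = new URL(link); // the WHATWG parser browsers use
  } catch {
    return { ok: false, reason: "not a full URL" };
  }
  if (url.protocol !== "https:") {
    return { ok: false, reason: "not https" };
  }
  // Anything before "@" is a username, not the site being visited.
  if (url.username || url.password) {
    return { ok: false, reason: "text before @ hides real host " + url.hostname };
  }
  // hostname is already lowercased, punycode-encoded and free of the port.
  const host = url.hostname.replace(/\.$/, "");
  if (!ALLOWED_HOSTS.has(host)) {
    return { ok: false, reason: "host is " + host };
  }
  return { ok: true, reason: "host is " + host };
}

const SAMPLES = [
  "https://www.facebook.com/login",
  "HTTPS://WWW.FACEBOOK.COM/",
  "http://www.facebook.com/login",
  "https://www.facebook.com@login.example/",
  "https://www.facebook.com.login.example/",
  "https://facebook.com-security.example/",
  "https://www.facebo\u043ek.com/", // Cyrillic "о" in place of Latin "o"
  "www.facebook.com/login",
];

for (const link of SAMPLES) {
  const { ok, reason } = checkLoginUrl(link);
  console.log((ok ? "OK    " : "REJECT") + "  " + link + "  (" + reason + ")");
}
```

Only the first two samples pass; in every rejected link the word "facebook" appears somewhere, but the host the browser would actually contact is a different one.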
Protecting your Facebook account protects your identity, contacts, and even your business. Bookmark this guide, and share it with anyone who might need it.