Whether your Facebook account was hacked or you just forgot your password, Meta rarely offers more than a wall of silence. If you suspect that your Facebook password was leaked or that your account was compromised, act fast!

Facebook hackers could lock you out of your account and hassle your friends and family. Secure your Facebook account now and get it back before it's too late. We'll show you how.

How to Tell Whether Your Facebook Account Was Hacked

You can tell your Facebook account was hacked if you spot one of the following signs:

  • You can no longer log in with your username and password.
  • A password reset email shows up in your inbox, but you didn't initiate a reset.

These are the most obvious signs something's wrong, but there are more subtle ones. If a Facebook hacker gets into your account, they will leave a trace.

Check Your Login Sessions

Did someone log in from a location or device you're not familiar with?

Log into your Facebook account and click your profile image in the top right to expand the Account menu. From that menu, pick Settings & privacy > Settings, open the Accounts Center from the sidebar, and select Password and security. This path works on both desktop and mobile.

Under Security checks, expand the Where you're logged in option, and select your account. Now you can review a comprehensive list of devices from which you've most recently logged into your Facebook account and when they were active. You can select each individually or all at once to log them out. Be sure to change your password before you remove a suspicious login.

Facebook Accounts Center Where You're Logged In

Other signs that your account may have been hacked include:

  • Your personal data, including your password, email address, phone number, or name were changed by a third party. Within the Accounts Center, go to Personal details and expand the Contact info option. Here you can see all email addresses and phone numbers associated with your account.
  • Friend requests and private messages were sent from your account without your doing. From your account menu (click your profile image in the top right), select Settings & privacy > Activity log and look through all the events logged here.
  • Your timeline contains posts you didn't add or permit. To see your timeline, click your profile picture in the top right and select the profile you'd like to review.

If you're using Facebook to log into other applications, like Spotify or Instagram, we strongly recommend changing the respective logins or tightening your Facebook security to secure these third-party accounts.

If you spot any suspicious activity in your logins or have seen one or more of these other signs, you'll find what you need to do below.

What to Do If Your Facebook Account Was Hacked

If you have confirmed that your account has been compromised, here are the steps you should follow.

1a. Change Your Facebook Password

In case your Facebook hacker hasn't changed your password, you got lucky! Immediately update your password before you log out of suspicious sessions; you don't want to alert the hacker. If it's too late, head to step 1b.

To change your password from either your desktop or mobile device, go to Accounts Center, select Password and security, and then select Change password. Pick your account, enter your current password, set a strong new password, and click Change password.

Facebook Account Center Change Password

After a successful password change, you'll see a Log out of other devices? screen pop up. Log out all suspicious sessions and click Log out.

Do this only if you're sure you can log back in.

We recommend logging out completely, provided your contact details and security settings are up-to-date. You don't want to jeopardize your means of logging back in. If you're unsure, manually log out of all recent sessions that seem suspicious.

If you still think your account has been compromised, proceed to Step 3.

1b. Reset Your Facebook Password

If the hacker did change your password, and you need to recover your Facebook account, act quickly. Try to regain access, use the Forgot your password? link underneath the Facebook login.

Facebook Login Page

This will let you retrieve your password in several ways. First, you'll have to Find Your Account. You can either enter the email address you used to register with Facebook or any other secondary email address you added, as well as your phone number.

Facebook Find Your Account

If Facebook can find your account, you can choose how to Reset Your Password.

If the hacker changed your email address, you should have received a message to the original address. Find this message because it contains a special link that will let you reverse the change and secure your account.

In my case, Facebook offered to send a recovery code to any of the email addresses I added to my account. We highly recommend that you specify multiple backup email addresses.

Remember that you must keep those accounts equally secure, at least by using a strong password and ideally by enabling two-factor authentication on your email accounts.

Facebook Password Recovery

Use the Try another way link if you no longer have access to any of the offered email accounts. Facebook will offer to send a code to the phone numbers associated with your account. If none of those are viable, either, it's nearly impossible to recover your account.

If you believe that the Facebook hacker who has access to your account has been abusing it, proceed to step 2.

2. Report the Facebook Hack

If your account was not only hacked, but is sending out ads and spam to your friends, you must report it as compromised to Facebook using Facebook.com/hacked/.

Facebook Hacked Report

You can also use this in case you have lost access to your account by means of a phishing attack. Facebook will help you recover access to your account.

3. Remove Suspicious Applications

Oftentimes, it's not a person that randomly hacked your account. You may have granted access to a malicious Facebook application that subsequently hijacked your account.

To remove suspicious applications, go to Settings > Apps and Websites and go through the list.

Click See More to expand the list of Active apps and websites, and click Remove for each suspicious app individually.

Facebook Apps and Websites Review

We also recommend removing all Expired apps and websites.

Alternatively, click the View and Edit button and change the app's permissions, which include options like app visibility, access to your personal information, and actions it can take.

Edit Facebook Apps and Websites Permissions

4. Do Damage Control

After doing everything you can to regain control over your hacked Facebook account and prevent further damage, inform your friends and family about what is going on.

This is a precautionary step in case the hacker has used your account to reach out to people. If you presently can't access your account, contact your Facebook friends through other social networks, by email, or have a mutual friend inform them via Facebook.

Improving Facebook's Privacy and Security Settings

Once you're back in control, we highly recommend that you review your Facebook settings. Head to the Meta Accounts Center and review the following points:

  • Under Personal details, review your contact info and add additional email addresses or mobile phone numbers that you have access to. Likewise, remove those you no longer have access to.
  • Under Password and security, set up extra security measures, including alerts about unrecognized logins and two-factor authentication. You can also launch Facebook's security checkup to guide you through all your options.
  • Under Settings > Privacy, choose the privacy settings you're comfortable with. We recommend letting only friends see your future posts and retroactively limiting the visibility of past posts.

These settings not only secure your Facebook account, they can also help you recover it. Note that the single most important security feature you can enable on any of your accounts is two-factor authentication. You can use Microsoft Authenticator and Google Authenticator with Facebook.

How Do You Keep Your Facebook Account Safe?

Getting hacked is a painful experience. However, it's also a learning opportunity. After setting a strong password, enabling two-factor authentication, and updating all your information, your account will be protected from getting hacked again. Now take these lessons forward and apply them to your other online accounts.