Digital Identity

How to Protect Your Personal Information on Social Media

  • Reading Time: 7 mins
  • Source: The SecDev Foundation
  • Last Update: 17 September 2021
  • Type: How-To
Illustration of a woman with a lock illustration on her tshirt and there are social media icons behind her.

If you are like most other people who spend a lot of time on social media, it is highly likely that you are sharing a lot of your personal information online. The details that our various social media accounts reveal often include our full names, schools we go to, organizations we work for, our family connections and friends, places we live in or visit often, our hobbies and interests, political leanings and musical preferences, and so on.

All of this information can be used against us. Fraudsters can use your personal details to impersonate you and fool your friends or colleagues into sending them money or giving up sensitive information. They can also use information gathered on your social media accounts to guess your security questions on banking or dating sites, steal your online accounts, or harass you.

The good news is that a few quick and easy fixes listed below will help you keep your personal information safe while still enjoying the benefits of making social media connections.

1. Use strong and unique passwords

Protect every social media account you have with a password that is impossible to guess or crack. A password is strong when it has at least 12 characters, including upper- and lower-case letters, numbers, and special symbols. Random combinations of these characters make the strongest passwords. Read more about how to create passwords that are hard to crack.

Make sure to use a unique password for every online account you have. Read more about why it is a really bad idea to use the same or similar password for different accounts. Do not fret over having so many complex and unique passwords – you can use a password manager to “remember” and store them safely for you.

2. Add a second layer of protection

Unfortunately even the strongest password can be stolen or compromised in some other way. This is why you should use two-factor authentication (2FA) to protect your social media accounts. When enabled, 2FA requires that you use a second way of proving your identity in addition to entering a password.

The safest way to use 2FA is to install an app on your smartphone that will generate temporary numerical codes. To access a social media account, you will need to enter such a code immediately after entering your password. Read more about how to use two-factor authentication to protect online accounts.

3. Keep your software up-to-date

In a world where cybercriminals are increasingly good at exploiting vulnerabilities in the various apps people have on their devices, it is very important to keep your software up-to-date. Make sure that the device you are using to access your social media accounts always has the latest version of the operating system running. Whether you are using a computer or a mobile device, make sure that you have an antivirus running and that it is set to update automatically.

If you access social media sites in a web browser, make sure that the browser is up-to-date. If you use dedicated social media apps on a mobile device, update them often.

4. Know the people you friend

This is pretty straightforward: the more people you are connected to, the harder it is to control what happens to the personal information you share on social media. Unless you have a good reason to keep your social media accounts open to everyone, consider restricting who can view your posts and photos. Read more about how to do so on Instagram and Twitter.

It is a good idea to regularly revisit the lists of your followers on the various social media services you are using. Consider removing people you no longer trust or communicate with. If a user is asking you for personal information, disturbs you or does something else in a way that makes you suspicious of their motives, consider blocking and reporting such profiles.

5. Manage your privacy settings

Social media services are designed to make your posts and photos accessible to as many users all over the world as possible. Fortunately, these services also allow you to adjust the default privacy settings so you can control exactly how much others can see. For instance, most social media sites allow you to limit who can view your profile, block specific users, share photos only with specific people and so on. Make sure you learn how to use these settings and manage them to maximize your privacy. Read more about how to manage privacy settings on Instagram and Twitter.

6. Keep your personal information off social media

Social media sites give you the option of adding a lot of personal details to help others find you. Where did you go to school? Are you married? Who else from your family has an account with us? These details give social media sites a very intimate portrait of your life and provide a real treasure trove for ill-meaning people.

Try to limit the amount of personal information you post, including biographical details, family connections, and photos. Do not ever share photos of your IDs, concert tickets or boarding passes. Think ahead and remember that once you post something, it is almost impossible to take it back or know who exactly has access to this information.

7. Don’t share your location

One way social media users often make themselves an easy target for ill-meaning people is by telling everyone where they are and where they often go. We do it by using a check-in feature on social media apps, posting photos that show where we are or writing about a wonderful experience we are having somewhere.

If you care about privacy and personal safety, it is a good idea not to share your location with others. Turn off your gadget’s location sharing and adjust privacy settings on the social media services to stop them from tracking your location. Do not use social media check-in features and do not post photos that show where you are, at least until you leave the place.

8. Don’t use your social profiles to log into other websites

It may be tempting to use the “Log in with Facebook” option when creating a new online account. Yet by doing so, you are trusting the third party site you are logging into with your Facebook credentials. Even in pure statistical terms, this increases the odds that your account will be compromised. You are also providing Facebook with access to even more of your personal data. So, never log into other websites with your social media accounts.

9. Don’t give other apps access to your accounts

Most users are completely unaware of how many apps or websites they have given permission to link to their social media accounts. Every time you click on a quiz someone shares on Facebook or tap “Click to see which celebrity you look like,” you are granting an additional app or service access to your account. These apps can potentially see who you are friends with, access your profile pictures, birthday and address details, and so on.

Revisit the list of apps and services that have access to your social media accounts on a regular basis. Remove everything that is outdated, suspicious or no longer being used.

10. Know how to handle public and shared devices

Logging into social media accounts on public or shared devices always puts your personal information at risk. While you can minimize some of these risks, you cannot really eliminate them. When you use a public device at a library, school or airport to check your social media profiles, make sure you always log out after you are finished and, when possible, end your session or reboot the device.

Try not to log into your social media accounts on shared computers at internet cafes. Always assume that such computers have keyloggers or other types of spyware installed on them. If you absolutely have to check a social media account at an Internet cafe, make sure you have two-factor authentication enabled on your account and change your password from a different computer soon after you access the account.

11. Watch out for links

It is one of the foundational digital safety rules that you should never click on links from people you don’t know or don’t fully trust. This applies to links on social media, too. Such links can be sent to you via private messages or posted in comments under a photo or a status update. If you don’t know exactly where a link will take you, don’t click on it.

Hovering over a link will give you more information about where it leads if clicked – but this option is not available on mobile devices.

12. Close unused accounts

As newer and trendier social media platforms replace the outdated ones, it is important to keep track of all the accounts you have opened and delete the ones you are no longer using. It is easier for hackers to compromise your abandoned or forgotten accounts without you noticing it.

A compromised account and all the information in it can then be leveraged to hack into other accounts or impersonate you. In addition to closing the accounts you are no longer using, ask the social media service, where possible, to delete all of the information they have on you. One of the advantages of using a password manager is that it makes it easier to keep track of all the accounts you open.

Learn more about

Digital Risks Icon Digital Risks Passwords Icon Passwords Devices Icon Devices Data Icon Data Conversations Icon Conversations Digital Identity Icon Digital Identity

This site is licensed as Creative Commons BY-NC-SA 4.0. Please read our attribution policy to learn about freely redistributing out work.