Followup: Locking down your Facebook

As Mary stated in response to my last post, flouncing on Facebook isn’t necessarily an ideal option for some of us as much as we may wish to.

If you choose to stay with Facebook (and it is entirely your choice), there are various things you can do to mitigate the effect of the privacy erosion. One of these things is locking down your profile. We all have different tolerances and needs, so do what you need to do to make yourself comfortable.

I’m throwing out this excellent guide for those who are confuzzled on the whole locking down process. It shows you in a series of screenshots a good number of the steps you can take.

Note, however, that due to the very nature of these posts, the abovementioned guide may cease to be accurate at some arbitrary point in time determined only by Zuckerberg’s whim. It is also worth checking regularly that your choices have not been overridden.

If you have comprehensive howto links that might add to this, explain it in a different way that others may understand better, or cater to a different social networking service altogether, please add them in the comments.

Note: Please take care not to be too ‘splainy here; howtos of your own should be posted to your own blog and linked instead. Any blamey comments (if it starts out akin to “well, I just don’t…” or “what do you expect…”, you’re being blamey) will be bitbucketed. With prejudice.

15 thoughts on “Followup: Locking down your Facebook

  1. lauredhel

    Something I don’t see in the slideshow is to use a separate throwaway email address for your Facebook account. Even with Facebook’s “privacy” settings locked down tight, people can find your Facebook profile with “Friend Finder” and your email address.

    1. gamerchick02

      I’d just open up a yahoo/hotmail/gmail address for that purpose. I have one on yahoo that I use for signing up for different things (you know, when a company wants your email for “coupons” that are really marketing emails).

      I doubt that Facebook would allow a mailinator address to be used to sign up for the service.


      1. Selene

        They don’t allow mailinator. If you try to sign up with a mailinator address, it says “Please enter a valid e-mail address.”

  2. gamerchick02

    Thanks for the how-to lock down Facebook. Mine is pretty locked down, but I did do some recent revamps and I hope it’s not visible to outsiders and people who aren’t my “friends”.

    I’ll spread the link to my friends that aren’t as techy as me.


  3. Shana

    Thank you for this! I’ve been sharing it with my friends, and for each of us the slide show highlighted something different that we had missed.

  4. Terri

    (For those who don’t know, I study web security for a living.)

    The one thing you all need to know about Facebook privacy is that while those settings are nice, many cannot be enforced technically, and Facebook has a poor history of enforcing them through sanctions against organizations caught violating them. So basically, they’re lies.

    Anything that your friends can see in your profile IS shared with any advertiser whose ads they see, any game they install, etc. There is nearly no way to block this using current technologies, and I haven’t seen any evidence that Facebook has even attempted some of the crazy browser contortions necessary to do so. (And I did look.) If those third parties play by the rules, they might not use the information, but they can most definitely gain access to it if they want.

    So to be most safe, you really do have to limit what you share to things that you’re willing to share with a much larger audience, regardless of what the privacy settings tell you. “Locked down” profiles make it harder, but far from impossible to gain access to private information.

    1. Melissa Post author

      Yeah, locking stuff down is more relevant to people in your network, as opposed to advertisers. Advertisers are probably somewhat minor on the scale of personal safety. IMHO anyway.

      1. Mary

        In terms of physical safety, perhaps not so much, but a malicious advertiser (and some of them are) might guess at your email or credit card credentials and so on and hack your other accounts. Identity theft, emails being deleted or read, your computer being recruited into a botnet and so on is an upsetting experience for anyone and disproportionately hard to recover from for people without much money, time, confidence, contacts etc. So I can see that kind of web security as a feminist issue.

      2. Leigh Honeywell

        Not so much a feminist issue either, but ad networks are constantly being exploited to serve up malicious content, too. I see it all the time in $dayjob.

      3. Terri

        It’s maybe not relevant for casual privacy breaches, but if there’s a risk of someone specifically targeting you or your friends, it is potentially a big deal that advertisers and apps can trivially get more information than they “should.” Buying targeted advertising or creating an app and sharing it with mutual acquaintances would both be fairly cheap ways to gain access to your more private info. So it’s definitely a concern if there’s a chance your would-be attacker is willing to invest a little money or time to make your life unpleasant… and sadly, this is not an uncommon story.

  5. Selene

    One thing the slide show doesn’t mention is that in the drop-down where it tells you to pick “Only Friends”, you can also pick “Customize”. That lets you allow specific users, or even “Only Me”.

Comments are closed.