How to hack a Facebook account

How to hack a Facebook account: Facebook is the virtual square where every day we pour our thoughts, our photos, our videos and other information that says a lot about our real life. Maybe too much. That’s why you have to pay attention to how you use your social profile and to the audience you are sharing with.

Are we sure that our data is not at everyone’s mercy? How likely is it that strangers can “sneak” into our profile and access private information? To answer these and other questions, I decided to publish today’s tutorial, in which we will look at some of the techniques attackers use most often to hack Facebook accounts and, more importantly, learn how to defend ourselves against these types of threats.

I assure you that you don’t have to be a computer expert to sleep reasonably soundly. All you need to do is take precautions using the tools made available by Facebook (and not just by Facebook) and act with healthy common sense. If you want to better understand what I’m referring to, read on: below you will find a brief overview of the techniques that allow attackers to hack a Facebook account and a series of tips on how to counter them.

Techniques for hacking a Facebook account

As just mentioned, let’s start with a quick overview of the main techniques that attackers can use to hack a Facebook account.


Phishing

One of the most common dangers is phishing. If you have never heard of it, phishing (an adaptation of the English word “fishing”) is a technique by which cybercriminals trick their victims into handing over the login details for a given service.

In the specific case of Facebook, attackers can deceive the user through fake emails that appear to come from the social network or through notification messages linked to pages. In both cases, the victim is led to a web page that looks very similar to Facebook’s, where he is invited to enter the login details of his account: in reality the pages in question are run by the attackers, and all the information entered in them ends up in their hands.
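The check a careful reader performs on such a link can be written down as code. The following is an added example, not part of the original article: it assumes that facebook.com is the only genuine login domain, and all sample links are constructed, with .example hosts as placeholders.

```python
from urllib.parse import urlsplit

# Assumption for this example: facebook.com is the only genuine login domain.
TRUSTED_DOMAINS = ("facebook.com",)


def check_login_link(url):
    """Return (trusted, reason) for a link that leads to a Facebook login form."""
    try:
        parts = urlsplit(url.strip())
    except ValueError:
        return False, "malformed link"
    if parts.scheme != "https":
        return False, "not an HTTPS link"
    host = (parts.hostname or "").rstrip(".")
    if not host:
        return False, "no host name in link"
    try:
        # Internationalized names become ASCII "xn--" labels (punycode).
        ascii_host = host.encode("idna").decode("ascii")
    except UnicodeError:
        return False, "host name cannot be normalized"
    if any(label.startswith("xn--") for label in ascii_host.split(".")):
        return False, "look-alike (internationalized) host name"
    # Only the END of the host name counts: "facebook.com.x.example" is not Facebook.
    for domain in TRUSTED_DOMAINS:
        if ascii_host == domain or ascii_host.endswith("." + domain):
            return True, "host belongs to " + domain
    return False, "host is outside facebook.com"


# Constructed sample links (the .example hosts are placeholders, not real sites).
SAMPLE_LINKS = [
    "https://www.facebook.com/login.php",
    "http://www.facebook.com/login.php",
    "https://facebook.com.account-check.example/login",
    "https://facebook.com@login.example/",
    "https://faceb00k-security.example/login",
    "https://f\u0430cebook.com/login",  # Cyrillic letter in place of Latin "a"
]


def triage(links):
    """Map each link to the verdict returned by check_login_link."""
    return {link: check_login_link(link) for link in links}


if __name__ == "__main__":
    for link, (trusted, reason) in triage(SAMPLE_LINKS).items():
        print("OK  " if trusted else "STOP", ascii(link), "->", reason)
```

Only the first sample link passes: the others fail on the scheme, on what the host name ends with, on the text placed before the @ sign, or on look-alike letters.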

Unauthorized access

If you have not secured your account, meaning that you have not set a strong password, you have not activated two-factor authentication (i.e. you have not associated a security code, to be received via SMS, with the basic password of the account) and you have chosen trivial answers to the security questions, you could be the victim of an account “hack” simply because the attacker is able to guess your access data (perhaps using the password reset functionality offered by the social network).

This threat is one of the most serious because, often, it is not cybercriminals in some remote part of the world who want to “hack” our Facebook accounts, but people close to us (ex-partners, meddlesome friends, etc.) who may know our e-mail address and the information needed to answer the security questions.

Keylogger and spy app

As I explained in my posts on how to log into a PC and how to spy on a mobile phone, there are applications designed to spy on all the activities carried out on a computer or smartphone. The applications in question act completely invisibly and are able to steal all the text typed on the monitored device, including the login details for services such as Facebook.

Keyloggers for the PC and spy applications for smartphones are not difficult to configure; indeed, we can say that they are more or less within everyone’s reach. Fortunately, to install them you need to have physical access to the computer or phone to be monitored. This means that by adequately protecting access to your devices and avoiding the installation of software of dubious origin (which may contain malware that spies on user activities) you can avoid them quite easily.

Password recovery from the browser

All major web browsers, from Chrome to Firefox, offer the ability to remember the passwords used to access the Internet sites you visit. This is undoubtedly a useful function, but it is not exactly ideal in terms of privacy.

With physical access to your computer, an attacker could in fact take advantage of this “convenience” to easily find your Facebook login data and then access your account without permission. If you don’t believe it, take a look at my tutorial on how to find out a Facebook password without changing it.

How to defend yourself

What we have just seen together are some of the techniques that attackers can use to hack a Facebook account. Now is the time to go on the “counterattack” and find out how to protect our accounts so we can sleep reasonably soundly. I say reasonably soundly because absolute security does not exist in the IT world.

Use a secure password

The very first security measure you need to take (and actually should have taken a long time ago) is to protect your Facebook account with a strong password. By strong password we mean a long password (I would say 12-18 characters) that has no meaning as a word or phrase and is made up of various types of characters: lowercase letters, uppercase letters, numbers and special characters (e.g. exclamation point, at sign and so on).

To change the password you currently use on Facebook, connect to the main page of the social network and log in to your account. Then click on the arrow located in the blue bar at the top right and select the Settings item from the menu that appears. On the page that opens, click on the Edit button located next to the Password item and fill out the form that appears.

  • In the Current field you have to type your current password.
  • In the New and Retype new password fields you must type the new password you intend to use for your Facebook account.

To save the changes, click the Save Changes button. Unfortunately, the security question cannot be changed.

Enable two-factor authentication

Another security measure that I consider essential for the protection of Facebook accounts (and not only those) is the one called two-factor authentication.

In case you have never heard of it, two-factor authentication (also called two-step verification) is a security measure that pairs the main password of the account with a temporary verification code sent via SMS (or generated by an app). In this way, every time you want to access a Facebook account from new software or a new device, you have to enter not only the password of the account but also the security code that arrives on the user’s mobile, which shuts out malicious people who manage, in one way or another, to steal the password of the account.

To activate two-factor authentication on your Facebook account, connect to the main page of the social network, click on the arrow located in the blue bar at the top right and select the Settings item from the menu that appears. On the page that opens, select the Security icon from the left sidebar and click on the Edit button located next to the Access approval item.

At this point, put the check mark next to the item Request an access code to access my account from unknown browsers and follow the wizard that appears, providing your mobile number if necessary.

At the end of the operation, at each new access to Facebook (i.e. at each access made from a new browser or a new device) you will be invited to enter a verification code automatically generated by the Facebook app on your smartphone.
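How an app can generate a temporary code, and why a stolen password alone is then not enough, is shown in the added example below, which is not part of the original article. It assumes the standard time-based one-time password algorithm (TOTP, RFC 6238); the article does not say which algorithm the Facebook app uses, and the shared secret is the public RFC test value, not a real account secret.

```python
import hashlib
import hmac
import struct

# Constructed sample: the public test secret from RFC 6238, shared by server and app.
SHARED_SECRET = b"12345678901234567890"


def totp(secret, at, step=30, digits=6):
    """Code for the 30-second time slot containing Unix time `at` (RFC 6238, SHA-1)."""
    counter = int(at // step)
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(secret, submitted, now, step=30, window=1):
    """Accept a code from the current slot or `window` slots either side (clock drift)."""
    for drift in range(-window, window + 1):
        at = now + drift * step
        if at < 0:
            continue
        expected = totp(secret, at, step)
        if hmac.compare_digest(expected.encode(), submitted.encode()):
            return True
    return False


def login(password_ok, submitted_code, now, secret=SHARED_SECRET):
    """Second factor: a correct password is necessary but not sufficient."""
    return bool(password_ok) and verify(secret, submitted_code, now)


if __name__ == "__main__":
    code = totp(SHARED_SECRET, 59)
    print("code shown by the app at t=59:", code)
    print("password + fresh code:", login(True, code, 59))
    print("password + guessed code:", login(True, "000000", 59))
    print("password + same code a few minutes later:", login(True, code, 150))
```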

Enable access control

Access alerts are another very useful tool that goes “hand in hand” with two-factor authentication. As the name suggests, this function lets you receive an alert whenever someone logs in to your account from a device or browser never used before (which allows you to detect any unauthorized access immediately and to take action).

To activate access alerts, connect to Facebook, click on the arrow located in the blue bar at the top right and select the Settings item from the menu that appears. Then select the Security icon from the left sidebar, click on the Login notifications item, put the check mark next to the options Receive notifications and Login notifications via e-mail to: [your email address] and press the Save your changes button.

You will receive notifications of new logins both on Facebook and via email, at the address you have associated with your account. Furthermore, by clicking on the item Devices from which you are logged in at the bottom, you will be able to view the list of all the devices from which you have logged in to your Facebook account (in this way, if you notice devices that you have not used, you can block their activity yourself by clicking on the item End activity).

Do not store the Facebook password in the browser

As I explained earlier, storing passwords in the browser is a great convenience but can pose an unnecessary risk to privacy.

My advice is to stop saving passwords in the browser and to rely on dedicated password management solutions, such as LastPass (free) and 1Password (paid), which allow you to keep all passwords in one secure place and protect them with a master password (i.e. a single password that gives access to all the data stored in their databases). They work on computers as well as on smartphones and tablets. For more information on this type of program, see my tutorial on how to keep passwords.

Other useful tips

To conclude, here are some other common sense tips that should help you avoid any nasty surprises related to your Facebook account.

  • Do not enter login data on external sites – Facebook does not send emails asking for the login data to be updated and does not invite a password change via notifications. If you come across such messages it is almost certainly phishing: don’t fall for it!
  • Use effective antivirus and antimalware – do you think someone has installed a keylogger on your PC or a spy app on your smartphone? In that case, if you haven’t already done so, install a good antivirus and a good antimalware, and run a full scan of your device. If you need advice on the best free antivirus or the best antimalware for PC, check out my tutorials dedicated to these topics. If you are looking for a good antivirus for Android, take a look at the post in which I dealt with this type of software.

  • Check for spy apps on your smartphone – if you have an Android smartphone, you can check for spy apps on your device by going through the menus Settings > Security > Device administrators and Settings > Accessibility and checking which apps have elevated permissions. If you notice any suspicious ones among them, deactivate them and then remove them from the device. If you have an iPhone, however, you can unmask spy apps by trying to connect to the addresses localhost:8888 and localhost:4444 from the browser or by dialing the code *12345 in the telephone number dialing screen: if the control panel of a spy app appears, open Cydia and remove it (most spy apps only work on jailbroken devices).
  • Avoid public Wi-Fi networks – public Wi-Fi networks are a hunting ground for attackers, who could use them to “sniff” user data. To avoid unnecessary risks, do not connect to public Wi-Fi networks and prefer the 3G / LTE connection of your operator.