Facebook security audit

Facebook Security Scorecard

Facebook is where scammers go to retire comfortably on your money. Romance scams, clone accounts, Marketplace fraud, and phishing links all call Facebook home. This scorecard checks whether your settings are protecting you or inviting trouble over for dinner.

How this works: Check what you've actually done. Not what you planned to do after that one scary article you read and then immediately forgot about. Each setting is weighted by real-world damage potential. You get a grade and a prioritized fix list at the end.

Account Security

Two-Factor Authentication

Is two-factor authentication enabled on your Facebook?

25pts

Active Sessions Reviewed

Have you checked 'Where You're Logged In' in the last 30 days?

15pts

Strong Unique Password

Is your Facebook password unique and not used on any other site?

15pts

Trusted Contacts Set Up

Have you designated trusted contacts who can help you recover your account?

5pts

Privacy Settings

Posts Set to Friends Only

Is your default post audience set to 'Friends' instead of 'Public'?

15pts

Friend Request Controls

Is 'Who can send you friend requests' set to 'Friends of friends'?

15pts

Search Engine Visibility Disabled

Have you turned off 'Allow search engines outside of Facebook to link to your profile'?

10pts

Tag Review Enabled

Is Timeline Review turned on so you approve tags before they appear?

10pts

Behavior

Marketplace Payment Safety

Do you only accept in-person cash or platform-protected payments on Marketplace?

15pts

Clone Awareness

Do you periodically search your own name on Facebook to check for cloned accounts?

10pts