1. Make sure only your friends can see your timeline posts

You don’t want strangers checking you out on Facebook (presumably) so make sure you limit who can view your Facebook timeline.

While the key elements of your profile (name, picture, cover photo, etc.) are viewable by everyone, many other aspects of your timeline can be blocked from prying eyes.
First, make sure all your future posts are locked down. Click on the padlock icon on the top toolbar (on the right hand side), then click ‘Who can see my stuff?’.
Under ‘Who can see my future posts’, choose from:

Public (which obviously means everyone)
Only me
Custom (which allows you to limit some of your friends from seeing your posts)

Pick what’s best for you, but make sure ‘Public’ isn’t selected. Whatever you choose will then become the default every time you post an update (though you still have the option of selectively changing this for each individual update you post in the future).

2. Control who can contact you on Facebook

Click on the padlock icon on the top toolbar (on the right hand side), then click ‘Who can contact me’.
By default this is set up as ‘Basic Filtering’ to allow friends and people you may know the opportunity to send you a message.
If you want only friends to be able to contact you, you can increase the filtering on your inbox. Other messages will then be diverted to your ‘other’ folder which you can access from the Messages screen.
To do this, click ‘Strict Filtering’ under ‘Whose messages do I want filtered into my Inbox?’
From this area of the screen you can also limit who is able to send you a friend request, choosing between everyone or just friends of your friends.

3. Control who can discover your profile based on your email address and/or telephone number

If you wish to control who can find you based on the email address or telephone number you used to sign up Facebook then you can do so by first clicking on the arrowhead at the top right of any page and then clicking ‘Settings’.
Next, select ‘Privacy’ from the menu on the left hand side of the page and look for the ‘Who can look me up?’ option.
You will notice that there are separate settings for both your email address and telephone number.
Click ‘Edit’ next to each to choose Friends, Friends of Friends or Everyone.
Email and phone number

4. Set up login notifications

You can set Facebook up to send you an alert every time your account is accessed from an unknown computer or other device. This can be a handy way of receiving a warning should someone gain unauthorised access to your account.
Again, click the arrowhead at the top right of any page and choose ‘Settings’.
Choose ‘Security’ from the menu on the left hand side.
‘Login notifications’ is the top option available so click ‘Edit’.
Choose from receiving either an email and/or a text message/push alert. Click ‘Save Changes’. Login notifications are now active on your account.

5. Turn on login approvals

You can choose to have an extra layer of security when accessing your account from an unknown browser. Facebook will send a code to your phone which you will then need to use to login.
Click the arrowhead at the top right of any page and choose ‘Settings’, then ‘Security’ from the left hand menu.
Tick the box that says ‘Require a security code to access my account from unknown browsers’. Facebook will then take you though the process of setting up login approvals so click on ‘Get Started’ to begin.
Once you have set up login approvals you will only need to enter a code when you try to login from a new device. It is a feature that makes it that much harder for a hacker to gain access to your account and as such is well worth enabling.
Note: if your browser clears your history on exit, or has private browsing switched on, you may need to enter a code every time you log in.