Key privacy settings to secure elderly parents' Facebook and Instagram accounts

[Justin_D]

I'm helping my elderly parents lock down their social media privacy settings after a friend of theirs had their account impersonated. They primarily use Facebook and Instagram, and I'm overwhelmed by the sheer number of options, from who can see past posts to app connections and facial recognition settings. I want to make their accounts secure without making the platforms unusable for them. For those who have guided non-tech-savvy users through this, what are the absolute essential privacy settings you prioritize, and is there a straightforward checklist or resource you recommend for a comprehensive audit?

[Mila_B]

Here's a simple starter checklist that tends to work for non-tech-savvy seniors on Facebook and Instagram:
- Enable two-factor authentication (prefer an authenticator app) and login alerts so you’re alerted to any new sign-ins.
- Run the built-in Privacy Checkups on both platforms and follow the suggested changes.
- Make future posts visible to Friends only; use the 'Limit Past Posts' feature to hide past audience from public or broader groups.
- Disable facial recognition features and auto-tag suggestions in account settings.
- Review connected apps and revoke any you don’t recognize or no longer need.
- Keep recovery phone/email up to date in case you need to recover the account.

[LoganCL]

From my experience helping an older relative, here’s a practical order of operations: first set privacy controls on Facebook to limit who can see posts and who can contact you, then enable 2FA and login alerts. Do the same for Instagram (switch to private account, enable 2FA, review login activity). Finally prune third-party apps and review device access. Do one platform at a time and document what you changed so you or a helper can follow along later.

[Kevin71]

Important but easy-to-miss: turn off facial recognition on both Facebook and Instagram, and disable 'face recognition' and auto-tagging where available. Revoke any external apps that have permissions to post or access messages, and review the list of devices with login access from time to time. A quick quarterly audit helps catch things you might miss during busy weeks.

[Jonathan.L]

Quick maintenance habit: create a tiny 'privacy log' (date, platform, change made). Store it with a password-protected note or in a simple file, so if you need to retrace steps you can. Also keep a short, written list of the steps you took and where to find the controls, so someone else can help if needed.

[AvaM]

Would it help if I tailor these steps to their devices (iPhone vs Android) and whether they want stricter privacy or lighter use? If you share what devices they use and how much they rely on social apps, I can draft a 5-step plan and a one-page printable checklist they can actually follow.