Unfortunately with the popularity of Facebook comes the popularity and frequency of Facebook accounts getting hacked or stolen.
I need to be clear from the start: I can’t guarantee you’ll get it back. Much depends on whether or not you set up recovery options before you lost it, and whether or not you kept those options up-to-date.
Let’s walk through the process.
Become a Patron of Ask Leo! and go ad-free!
Underneath the password field of the Facebook login is a link:
It may say “Can’t log in”, “Forgot your password?” or something similar. Click that.
You may then be asked to “Find Your Account”:
The best thing to enter here is the email address that you normally use to log in. If, for some reason, that doesn’t locate your account, the hacker may have deleted the account or changed the email addresses associated with it. Try entering the phone number you previously associated with the account, or your full name as you previously entered into your Facebook profile.
Assuming you can identify your account successfully, you’ll then be asked why you can’t login:
Since we’re talking about hacked accounts, select that and click on Continue.
The first option presented is simply a password reset link:
As you can see, that’s the only option I have available with this account at this time. So I’ll click Continue. (If you have additional email accounts associated with your Facebook account, the password reset link will be sent to all of them. If you have a mobile number associated with your account you may be given the option to use a text message instead. In both of these cases the additional account or mobile number must be set up before you need it, while you have access to your account.)
Facebook then presents this page:
and also sends a message to the listed email address:
After entering the code Facebook presents the option to select a new password:
Enter the new password twice and click Continue.
You now have control of your account once again.
Since your account was hacked, Facebook will now take you through some extra steps to secure the account from future threats.
Do not skip this step! This will look at the common changes hackers make, help you recover, and help you prevent this from happening again.
First, Facebook will verify the email address(es) associated with your account:
Make sure to check the email address(es) that are correct and to which you have access. Leave the others unchecked, and click Continue.
Facebook then reviews your email account password status:
This is not your Facebook password. This message is asking if you are certain that you are the only person who knows the password to your email account. Anyone who can access your email by virtue of knowing your email account password can, in turn, access your Facebook account.
Once you are certain that your email account is secure, check the box and click Continue. If you are not certain, open another browser window and go change the password to your email account, and take whatever other steps are necessary to secure it first.
Facebook makes a couple of additional recommendations:
Login approvals use techniques such as SMS messages and automated voice to give you a confirmation code prior to letting you log in. You can bypass this on computers into which you log in frequently. A potential hacker would be unable to log in because they would not have the phone associated with your number.
A verified mobile number is a way to reset your password and recover the account should you lose access to your email account.
And finally Facebook suggests you review your recent activity to undo anything that the hacker might have done while having control of your account:
Naturally I recommend you take a few minutes and do this now as well.
But what if…
The scenario above represents the best case scenario: you still have access to the email account associated with your Facebook account.
But what if you don’t?
The sad truth is you may never get your Facebook account back.
- If you no longer have access to the email account associated with your Facebook account
- and you never set up additional email accounts associated with your Facebook account
- and you never set up a mobile phone associated with your Facebook account
- and you never set up Facebook’s “Trusted Contacts” to help should your account be lost
- AND your account is hacked or you lose your password…
- THEN you cannot prove to Facebook that you have any right to access that account.
Facebook will not give it back to you, simply because they have no way to know that you’re not just another hacker trying to steal the account.
As you proceed through the recovery process, make sure to read all instructions that Facebook gives you completely. On several of the items there’s a “I don’t have access to this any more” link that may take you to additional options that perhaps you can use. If you can’t, however, you may be out of luck.