Social Media Hub facebook account compromised, facebook account recovery, facebook hack fix, facebook hacked, facebook hacked account tool, facebook id verification, facebook security, facebook trusted contacts, facebook two factor authentication, recover facebook account Louis KORHONEN May 3, 2026 0 Comments

Facebook Account Hacked: Step-by-Step Recovery Guide

Table of Contents

Act Fast — Time Matters

When a Facebook account is compromised, the attacker’s first move is usually to change the email and phone number associated with the account, cutting off standard recovery. The sooner you start the process below, the better your chances of recovering before that change takes effect.

Step 1: Use Facebook’s Hacked Account Tool

Go to facebook.com/hacked — this is Facebook’s dedicated recovery portal.
Click My Account Is Compromised.
Enter your old email address or phone number and follow the prompts. Facebook will try to identify your account even if the attacker changed your credentials.

Step 2: Request a Login Code to an Old Email or Phone

On the login screen, click Forgot password?
Enter your old email or phone. Even if the attacker changed the primary contact, Facebook sends recovery codes to previously verified contacts for up to 72 hours after the change.
If you get the code, immediately change your password to something long and unique.

Step 3: Use Trusted Contacts (If Set Up)

On the login screen → Forgot password? → Get more help → Use my trusted contacts.
Facebook will send recovery codes to 3–5 friends you previously designated as trusted contacts.
Collect the codes from your friends and enter them to regain access.

Step 4: Submit a Government ID

If all else fails, go to facebook.com/id and submit a photo ID (passport, driver’s license).
Facebook will verify your identity against the name on the account and restore access, typically within 1–3 business days.
This is the most reliable last-resort option when all other recovery paths are closed.

After Recovery: Secure Your Account

Change your password immediately — use a unique password not used on any other site.
Enable two-factor authentication: Settings → Security and Login → Two-Factor Authentication.
Review and revoke all active login sessions under Where You’re Logged In.
Remove any apps you don’t recognize under Settings → Apps and Websites.

Pro Tip: After a hack, check your account’s email address for any Facebook notifications you may have missed. Attackers often make changes gradually — catching a “your email was changed” notification early can save the account before things escalate.

Related Guides

If your Twitter/X was also compromised, see our Twitter account suspended recovery guide. For Instagram, our Instagram login loop guide covers session and security fixes.