How to Check if Someone Accessed Your Facebook Account

Find active sessions, login history, and document unauthorized access

🛡️ If you're in an abusive situation: Someone monitoring your Facebook can see Messenger conversations, location check-ins, and even who you're talking to. If you suspect monitoring, use a safe device (library computer, trusted friend's phone) before investigating. National Domestic Violence Hotline: 1-800-799-7233.

Facebook accounts are commonly monitored—by suspicious partners, exes, or even hackers. Unlike email, Facebook contains your social connections, private messages, photos, and location history. Someone with access can see who you're talking to, not just what you're saying.

This guide shows you exactly how to find unauthorized access and document it before taking action.

Before You Change Anything: The Evidence Problem

⚠️ Don't change your password yet if you might need evidence of ongoing access—for a restraining order, custody case, or police report. Once you lock them out, you lose the ability to prove they had access. Screenshot and export everything first.

Step 1: Check Active Sessions (Right Now)

This shows every device currently logged into your Facebook:

  1. Open Facebook → tap Menu (☰) → Settings & PrivacySettings
  2. Tap Password and security (under Security)
  3. Tap Where you're logged in

You'll see a list of active sessions with:

  • Device type — iPhone, Android, Windows, Mac, etc.
  • Location — City based on IP address
  • Last active — When that session was last used
💡 Look for: Devices you don't own, locations you haven't been, or sessions active at times you weren't using Facebook. An "Android" device when you only use iPhone? That's a red flag.

Step 2: Review Login History

Active sessions only show current access. To see historical logins:

  1. Go to SettingsPassword and security
  2. Scroll to Security checkup
  3. Look at Recent emails from Facebook — shows security alerts you may have missed

Also check your email for Facebook security alerts like:

  • "New login from [Device] in [Location]"
  • "Your password was changed"
  • "A new device was added to your account"

Step 3: Download Your Facebook Data Export

Facebook's data export contains a complete history of your account activity—far more than what's visible in the app. This is critical for documentation.

  1. Go to SettingsYour Facebook InformationDownload your information
  2. Select JSON format (machine-readable, easier to analyze)
  3. Choose All time for date range
  4. Select at minimum: Security and login information, Your activity across Facebook, Logged information
  5. Tap Request a download

Facebook will email you when your export is ready (usually within 24 hours). Download it to a device the suspected person can't access.

What Facebook Logs (And What It Doesn't)

Facebook Logs This Facebook Does NOT Log
Device type for each login Specific messages read
IP address and approximate location Time spent on specific profiles
Timestamps of account activity Screenshots taken by other users
Password changes and security events Who else they shared your content with
Connected apps and sessions Third-party monitoring apps

Red Flags in Your Facebook Data

When reviewing your export or active sessions, watch for:

  • Logins from unfamiliar devices — "Samsung Galaxy" when you use iPhone
  • Logins from unexpected locations — Cities you haven't visited
  • Active sessions at suspicious times — 3 AM when you were asleep
  • Multiple simultaneous sessions — You can only use one device at a time, but someone else could be logged in simultaneously
  • Login from the same IP as someone you suspect — If they're on your WiFi, IPs may match

Analyzing Your Export with ForensAI

Facebook exports are JSON files that are nearly impossible to read manually. ForensAI scans your export for:

  • Login anomalies — Unfamiliar devices, unknown IPs, impossible travel
  • Security events — Password changes, 2FA toggles, recovery email changes
  • Activity patterns — Access during times you weren't active
  • Location correlation — Flag activity near addresses you specify (ex's home, etc.)

The analysis runs 100% on your device—your Facebook data never leaves your phone. This matters when you're dealing with sensitive evidence.

Download ForensAI Free — Scan Your Facebook Export

Free scans show top findings. Full Forensics ($179) unlocks complete analysis + PDF reports for legal documentation.

After You've Documented Everything

Once you have evidence documented:

  1. Change your password to something completely new (not a variation of your old one)
  2. Enable two-factor authentication — Settings → Password and security → Two-factor authentication
  3. Log out other sessions — In "Where you're logged in," tap each suspicious session and "Log out"
  4. Review connected apps — Settings → Apps and websites → remove anything suspicious
  5. Check Messenger — Messenger has its own settings for active sessions

If You Need the Evidence for Legal Purposes

For restraining orders, divorce proceedings, or police reports:

  • Keep your original export ZIP file — Don't modify it; courts prefer unaltered evidence
  • Generate a ForensAI PDF report — Full Forensics ($179) creates timestamped reports with all findings
  • Document the timeline — When you noticed signs, when you confirmed access, when you locked them out
  • Consult an attorney — They can advise on how to present digital evidence in your jurisdiction

Related Guides

ForensAI is an educational tool for personal use. For legal matters requiring certified evidence or expert testimony, consult a licensed forensic examiner or attorney.

support@forens.ai

AI for life + work