The first thing you should do is change the password of your Facebook account, as you should also make sure that you choose a complex and completely different password than before, for example, do not change your password from “qwerty123” to “qwerty1234”, also make sure that Do not share your password with any other accounts.
Steps to change the Facebook account password
From the Facebook settings, choose the option Security and login.
Under the Login section, click on the Change password button.
Enter your current and new password and click Save Changes.
Log out of your Facebook account from anywhere
Now that you have changed your password, you need to log out of Facebook from wherever you are logged in or someone else logged in using the stolen login credentials, follow the steps:
Head to the Facebook settings and click on the security option and log in.
Under the Where to sign in section, click the Show More button.
Then, click Sign out for all sessions.
Doing so will further secure your account and make sure that no one, including you, is logged out of your Facebook account.
Enable two-factor authentication and remove all authorized logins:
Two-factor authentication is the most popular way to add an extra layer of security to any account. Doing the same on Facebook will help prevent unauthorized logins. Here's how to do it:
To enable 2FA on Facebook, go to Settings -> Security & Login -> Two-Factor Authentication -> Enable it -> Select your preferred 2FA method and complete the setup.
Once done, you need to remove all authorized logins: for this, click on Authorized Logins, select All Registered Logins and click on the Remove button
Enable login alerts to be notified of random logins
The feature is available under Additional Security Setting On the Security and Login page, click Get alerts about unknown logins and enable it. Also, randomly generated passwords should be used to log into third-party services instead of Facebook login credentials.
And Facebook allows users to generate random passwords to log into third-party websites in place of the original login credentials, this can be done from Settings -> Security and login -> App passwords.